Merge pull request #7 from dfns/hd-wallets

HD wallets
LFDT-Lockness · Jul 24, 2024 · 72c2f79 · 72c2f79
2 parents 678afb6 + dafad7e
commit 72c2f79
Show file tree

Hide file tree

Showing 22 changed files with 1,153 additions and 231 deletions.
diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
@@ -13,21 +13,15 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v3
-    - uses: webfactory/[email protected]
-      with:
-          ssh-private-key: ${{ secrets.CGGMP21 }}
     - uses: Swatinem/rust-cache@v2
       with:
         cache-on-failure: "true"
-    - name: Build all-features
+    - name: Build
       run: cargo build -p givre
   build:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v3
-    - uses: webfactory/[email protected]
-      with:
-          ssh-private-key: ${{ secrets.CGGMP21 }}
     - uses: Swatinem/rust-cache@v2
       with:
         cache-on-failure: "true"
@@ -37,9 +31,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v3
-    - uses: webfactory/[email protected]
-      with:
-          ssh-private-key: ${{ secrets.CGGMP21 }}
     - uses: Swatinem/rust-cache@v2
       with:
         cache-on-failure: "true"
@@ -52,9 +43,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v3
-    - uses: webfactory/[email protected]
-      with:
-          ssh-private-key: ${{ secrets.CGGMP21 }}
     - uses: Swatinem/rust-cache@v2
       with:
         cache-on-failure: "true"
@@ -70,22 +58,25 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v3
-    - uses: webfactory/[email protected]
-      with:
-          ssh-private-key: ${{ secrets.CGGMP21 }}
     - uses: Swatinem/rust-cache@v2
       with:
         cache-on-failure: "true"
     - name: Run clippy
       run: cargo clippy --all --lib --all-features
+  clippy-tests:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - uses: Swatinem/rust-cache@v2
+      with:
+        cache-on-failure: "true"
+    - name: Run clippy
+      run: cargo clippy --all --tests --all-features
   check-doc:
     runs-on: ubuntu-latest
     steps:
     - uses: dtolnay/rust-toolchain@nightly
     - uses: actions/checkout@v3
-    - uses: webfactory/[email protected]
-      with:
-          ssh-private-key: ${{ secrets.CGGMP21 }}
     - uses: Swatinem/rust-cache@v2
       with:
         cache-on-failure: "true"

diff --git a/.gitignore b/.gitignore
@@ -2,3 +2,4 @@
 /wasm/no_std/target
 
 /.helix
+.cspell.config.yaml
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -9,10 +9,3 @@ exclude = [
   "wasm/no_std",
 ]
 
-[patch.crates-io.cggmp21-keygen]
-git = "https://github.com/dfnsco/cggmp21-private"
-rev = "730e1217443eccac983d0177cab222decf07f139"
-
-[patch.crates-io.key-share]
-git = "https://github.com/dfnsco/cggmp21-private"
-rev = "730e1217443eccac983d0177cab222decf07f139"
diff --git a/README.md b/README.md
@@ -6,7 +6,7 @@ signers to commit nonces ahead of time), and identifiable abort.
 This crate provides:
 * Distributed Key Generation (DKG) \
   FROST does not define DKG protocol to be used. We simply re-export DKG based on [CGGMP21] implementation
-  when `cggmp21-keygen` feature is enabled, which is a fairly reasonalbe choice as it's proven to be UC-secure.
+  when `cggmp21-keygen` feature is enabled, which is a fairly reasonable choice as it's proven to be UC-secure.
   Alternatively, you can use any other UC-secure DKG protocol.
 * FROST Signing \
   We provide API for both manual signing execution (for better flexibility and efficiency) and interactive protocol
@@ -23,7 +23,7 @@ The crate is wasm and no_std friendly.
 
 ### Distributed Key Generation (DKG)
 First of all, you need to generate a key. For that purpose, you can use any secure
-(preferrably, UC-secure) DKG protocol. FROST IETF Draft does not define any DKG
+(preferably, UC-secure) DKG protocol. FROST IETF Draft does not define any DKG
 protocol or requirements it needs to meet, so the choice is up to you. This library
 re-exports CGGMP21 DKG from `cggmp21-keygen` crate when `cggmp21-keygen` feature
 is enabled which is proven to be UC-secure and should be a reasonable default.
@@ -39,7 +39,7 @@ let outgoing: impl Sink<Outgoing<Msg>>;
 
 where:
 * `Msg` is a protocol message (e.g., `keygen::msg::threshold::Msg`)
-* `round_based::Incoming` and `round_based::Outgoing` wrap `Msg` and provide additional data (e.g., sender/recepient)
+* `round_based::Incoming` and `round_based::Outgoing` wrap `Msg` and provide additional data (e.g., sender/recipient)
 * `futures::Stream` and `futures::Sink` are well-known async primitives.
 
 
@@ -122,9 +122,8 @@ by lexicographically sorting the signers’ public keys, and letting the index o
 signer be the position of that signer’s public key in the sorted list.
 
 ## Webassembly and `no_std` support
-This crate is compatible with `wasm32-unknown-unknown` target and `no_std` unless
-`cggmp21-keygen`, `full-signing`, or `std` features are enabled. Other WASM targets
-might be supported even if these features are on.
+This crate is compatible with `wasm32-unknown-unknown` target and `no_std`. Requires
+disabling `std` feature which is on by default.
 
 [CGGMP21]: https://github.com/dfns/cggmp21
 [draft]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-15.html
diff --git a/givre/Cargo.toml b/givre/Cargo.toml
@@ -6,8 +6,8 @@ edition = "2021"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-cggmp21-keygen = { version = "0.3", optional = true }
-key-share = { version = "0.4", default-features = false }
+cggmp21-keygen = { version = "0.3", default-features = false, optional = true }
+key-share = { version = "0.4.1", default-features = false }
 
 generic-ec = { version = "0.4", default-features = false, features = ["alloc"] }
 
@@ -22,14 +22,22 @@ sha2 = { version = "0.10", default-features = false, optional = true }
 
 serde = { version = "1", default-features = false, features = ["derive"], optional = true }
 
+slip-10 = { version = "0.4", default-features = false, optional = true }
+
 [dev-dependencies]
 rand_core = { version = "0.6", default-features = false, features = ["getrandom"] }
 futures = "0.3"
 
 [features]
 default = ["std"]
 
-std = ["key-share/std"]
+std = [
+  "key-share/std",
+  "cggmp21-keygen?/std",
+  "round-based?/std",
+  "serde?/std",
+  "slip-10?/std"
+]
 
 cggmp21-keygen = ["dep:cggmp21-keygen"]
 full-signing = ["round-based"]
@@ -38,15 +46,11 @@ serde = ["dep:serde", "key-share/serde"]
 
 spof = ["key-share/spof"]
 
-# Enabling this flag only makes the library compatible with these dependencies. Otherwise,
-# for instance, if `key-share` crate has `hd-wallets` feature enabled, but `givre` doesn't,
-# it'll fail to compile.
-#
-# Library doesn't have support of HD signing yet.
-hd-wallets = ["key-share/hd-wallets", "cggmp21-keygen?/hd-wallets"]
+hd-wallets = ["slip-10", "key-share/hd-wallets", "cggmp21-keygen?/hd-wallets"]
+taproot = ["sha2"]
 
 all-ciphersuites = ["ciphersuite-secp256k1", "ciphersuite-ed25519", "ciphersuite-bitcoin"]
 ciphersuite-secp256k1 = ["generic-ec/curve-secp256k1", "k256", "sha2", "static_assertions"]
 ciphersuite-ed25519 = ["generic-ec/curve-ed25519", "sha2"]
-ciphersuite-bitcoin = ["ciphersuite-secp256k1"]
+ciphersuite-bitcoin = ["ciphersuite-secp256k1", "taproot"]