You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The ppoprf crate defines a PPRF trait with a generic interface over a puncturable pseudo-random function. These methods take &[u8] binary data for input and output.
However, those arguments must in fact conform to constraints imposed by the underlying implementation: 32-byte CompressedRistretto points or a valid metadata tag byte sequence in the case of the ggm implementation. Since the arguments are untyped, the caller has no safe way to ensure the methods won't panic, and must rely on ad hoc, redundant validation of anything passed to the trait implementation.
Generally it's better for libraries to return a Result type whenever error is possible, so the caller can decided how to handle such cases. To implement this the PPFR trait should define an error type, which probably looks like a union of GGMError with argument length and format mismatches, and have the fallible methods return that as part of the result.
The text was updated successfully, but these errors were encountered:
The
ppoprfcrate defines aPPRFtrait with a generic interface over a puncturable pseudo-random function. These methods take&[u8]binary data for input and output.However, those arguments must in fact conform to constraints imposed by the underlying implementation: 32-byte
CompressedRistrettopoints or a valid metadata tag byte sequence in the case of the ggm implementation. Since the arguments are untyped, the caller has no safe way to ensure the methods won't panic, and must rely on ad hoc, redundant validation of anything passed to the trait implementation.Generally it's better for libraries to return a
Resulttype whenever error is possible, so the caller can decided how to handle such cases. To implement this thePPFRtrait should define an error type, which probably looks like a union ofGGMErrorwith argument length and format mismatches, and have the fallible methods return that as part of the result.The text was updated successfully, but these errors were encountered: