Remove Sub/Mul impls for PublicSigned to prevent misuse

entropyxyz · Dec 19, 2024 · 46bf6a3 · 46bf6a3
1 parent 7524ffd
commit 46bf6a3
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 29 deletions.
diff --git a/synedrion/src/cggmp21/sigma/fac.rs b/synedrion/src/cggmp21/sigma/fac.rs
@@ -111,12 +111,18 @@ impl<P: SchemeParams> FacProof<P> {
 
         let p_wide = sk0.p_wide_signed();
 
-        let hat_sigma = sigma - (p_wide * &nu).to_public().to_wide();
+        let hat_sigma = sigma
+            .checked_sub(&(p_wide * &nu).to_public().to_wide())
+            .expect("doesn't overflow by construction");
         let z1 = (alpha + (p * e).to_wide()).to_public();
         let z2 = (beta + (q * e).to_wide()).to_public();
         let omega1 = (x + mu * e_wide).to_public();
         let omega2 = (nu * e_wide + y).to_public();
-        let v = (r + (hat_sigma * e_wide.to_wide())).to_public();
+        let v = (r
+            + (hat_sigma
+                .checked_mul(&e_wide.to_wide())
+                .expect("doesn't overflow by construction")))
+        .to_public();
 
         Self {
             e,

diff --git a/synedrion/src/uint/public_signed.rs b/synedrion/src/uint/public_signed.rs
@@ -1,5 +1,5 @@
 use alloc::{boxed::Box, format, string::String};
-use core::ops::{Mul, Neg, Sub};
+use core::ops::Neg;
 
 use crypto_bigint::{Bounded, Encoding, Integer, NonZero};
 use digest::XofReader;
@@ -142,7 +142,7 @@ where
         self.abs() <= T::one() << bound_bits
     }
 
-    fn checked_sub(&self, rhs: &Self) -> Option<Self> {
+    pub fn checked_sub(&self, rhs: &Self) -> Option<Self> {
         let bound = core::cmp::max(self.bound, rhs.bound) + 1;
         if bound < T::BITS {
             Some(Self {
@@ -158,7 +158,7 @@ where
     /// use [`Signed::mul_wide`] if widening is desired.
     /// Note: when multiplying two [`PublicSigned`], the bound on the result
     /// is equal to the sum of the bounds of the operands.
-    fn checked_mul(&self, rhs: &Self) -> Option<Self> {
+    pub fn checked_mul(&self, rhs: &Self) -> Option<Self> {
         let bound = self.bound + rhs.bound;
         if bound < T::BITS {
             Some(Self {
@@ -229,27 +229,3 @@ where
         PublicSigned::neg(&self)
     }
 }
-
-impl<T> Sub<PublicSigned<T>> for PublicSigned<T>
-where
-    T: Integer + Bounded,
-{
-    type Output = PublicSigned<T>;
-
-    fn sub(self, rhs: PublicSigned<T>) -> Self::Output {
-        self.checked_sub(&rhs)
-            .expect("the calling code ensured the bound is not overflown")
-    }
-}
-
-impl<T> Mul<PublicSigned<T>> for PublicSigned<T>
-where
-    T: Integer + Bounded,
-{
-    type Output = PublicSigned<T>;
-
-    fn mul(self, rhs: PublicSigned<T>) -> Self::Output {
-        self.checked_mul(&rhs)
-            .expect("the calling code ensured the bound is not overflown")
-    }
-}