Remove mentions of 32-byte slice from tweak APIs #453
Conversation
These methods accept `&Scalar`, not slice and `&Scalar` already guarantees 32-bytes, so this failure case is impossible.
There was a problem hiding this comment.
ACK e612458.
This is a strict improvement. But our code documentation can be improved, which is a separate issue.
| @@ -301,8 +300,7 @@ impl SecretKey { | |||
| /// | |||
| /// # Errors | |||
| /// | |||
| /// Returns an error if the resulting key would be invalid or if the tweak was not a 32-byte | |||
| /// length slice. | |||
| /// Returns an error if the resulting key would be invalid. | |||
There was a problem hiding this comment.
This can only error when Scalar is zero.
There was a problem hiding this comment.
Same comment as above about mutating self.
There was a problem hiding this comment.
I don't think that's the case. The resulting key would be invalid if it's 0, so scalar being zero can cause error only if the key is already invalid which this library prevents. This should produce error though: priv_key.add_tweak(priv_key.negate().into())
There was a problem hiding this comment.
This comment is for mul_tweak. Which happens only when the scalar is zero.
There was a problem hiding this comment.
Anycase, these are unrelated to the PR itself. We can tackle this in separate issue
There was a problem hiding this comment.
Ah, annoying GitHub UI...
| @@ -270,8 +270,7 @@ impl SecretKey { | |||
| /// | |||
| /// # Errors | |||
| /// | |||
| /// Returns an error if the resulting key would be invalid or if the tweak was not a 32-byte | |||
| /// length slice. | |||
| /// Returns an error if the resulting key would be invalid. | |||
There was a problem hiding this comment.
We can be more specific and say, returns an error only if the resultant key is zero. This only happens when Scalar is the negation of Secret Key.
The upstream documentation also states:
seckey will be set to some unspecified value if this function returns 0.
We should either 1) document this or 2) Make a copy and make sure self is not mutated here.
There was a problem hiding this comment.
It's already copied. :)
There was a problem hiding this comment.
This comment is for tweak_add. This only happens when Scalar is the negation of Secret Key.
There was a problem hiding this comment.
If we let the other parameter be SecretKey, we can safely unwrap
There was a problem hiding this comment.
If other is SecretKey we can unwrap for tweak_mul but not for tweak_add. To represent it in the type system:
// This should be sealed and associated items hidden, showing unsealed for simplicity
trait IntoScalar: Into<Scalar> {
type TweakMulError;
fn invalid_tweak_mul() -> Self::TweakMulError;
}
impl IntoScalar for Scalar {
type TweakMulError = Error;
fn invalid_tweak_mul() -> Self::TweakMulError {
Error::InvalidTweak
}
}
impl IntoScalar for SecretKey {
type TweakMulError = core::convert::Infallible;
fn invalid_tweak_mul() -> Self::TweakMulError {
unreachable!(); // _unchecked if we're brave :)
}
}Then accept IntoScalar in tweak_mul()
|
Opened #455. |
These methods accept
&Scalar, not slice and&Scalaralready guarantees 32-bytes, so this failure case is impossible.