[Rust]: Implement Private and Public keys #3107
Conversation
* Add tests to check if `k256` suits our requirements
* Add `tw_hash::Hash<N>` * Implement `tw_keeper::secp256k1` Private, Public keys, signing and verifying
* Export FFI interface
* Add `secp256k1::KeyPair` structure
* Move `TWPrivateKey` and `TWPublicKey` to the `tw_keypair::tw` module * Refactor `TWPublicKey` by making it enum * TODO add `TWKeyPair`
* Add a documentation * Comment out `secp256k1::PrivateKey::shared_key_hash` as it's not finished yet
* Add a PoC canonical signing
* Remove `tw_starknet`
There was a problem hiding this comment.
Looks good, nicely designed structures and impls. The types should have //! documentation, however. Also, I'd like to note that the RustCrypto project explicitly states:
The secp256k1 elliptic curve arithmetic contained in this crate has never been independently audited!
Just wanted to mention that, but I assume you already discussed this with @Milerius. Regarding the testing custom cryptography implementations, I'd generally recommend testing this against well-established tools such as openssl (e.g. generating tons of random data, signing the data with both tools and then comparing the output), but if you copied the tests from C++ then this is probably fine.
There was a problem hiding this comment.
Can you add support for this crate: https://crates.io/crates/zeroize to zeroize memory after usage and signing in general?
Probably ok to delete C++ tests that are replicated/moved to rust then.
* CI Run tests in WASM
|
Also this note from https://github.com/RustCrypto/elliptic-curves/tree/master/k256 should be highlighted, do we have a checklist for the auditor to take more eyes on?
This crate has been designed with the goal of ensuring that secret-dependent secp256k1 operations are performed in constant time (using the subtle crate and constant-time formulas). However, it has not been thoroughly assessed to ensure that generated assembly is constant time on common CPU architectures. USE AT YOUR OWN RISK! |
|
@hewigovens @lamafab thank you for noticing. We've scheduled a call with the security team.
|
It's actually C Interfaces generated Rust<->C through cbindgen, at some point the idea is to generate the TW bindings this way too. |
* Implement `Serialize` and `Deserialize` for `Hash<N>`
|
@hewigovens @Milerius @lamafab thank you for the advices! |
Description
Transaction signing is the key responsibility of wallet-core. We need to implement the
PrivateKeyandPublicKeystructures to be able to move one of the blockchains from C++ to Rust.How to test
Run Rust and C++ tests
Types of changes
TWPrivateKeyandTWPublicKeystructures in Rust.secp256k1curve.Note
Found an issue in k256 crate - RustCrypto/elliptic-curves#886
Fixed by disabling the
precomputed-tablesfeature.Checklist
TWPrivateKeyandTWPublicKeyhigh-level structures in RustTWPrivateKeyandTWPublicKeyFFI typessecp256k1signing with a canonical checking: https://github.com/trustwallet/wallet-core/blob/master/src/PrivateKey.cpp#L253 - PoCsecp256k1getting shared key hash: https://github.com/trustwallet/wallet-core/blob/master/src/PrivateKey.cpp#L175-L191 - PoClinux-rust-cistep