forked from UkoeHB/monero
Description
I'm proposing a 4-phase audit, where each subsequent phase builds off the blocks of the prior.
Audit 1: Crypto
We want the functions from the following PRs audited for this phase:
- Faster transparent amount commitments
  - rct::zeroCommitVartime
- Batch inverse
  - fe_batch_invert
  - fe_equals
- Torsion clearing
  - clear_torsion
  - get_valid_torsion_cleared_point
  - rct::verPointsForTorsion
  - mul8_is_identity
- Unbiased key image generator
  - unbiased_hash_to_ec
  - derive_key_image_generator
  - Review that this new function achieves the stated goal of not having expected bias. Unbiased hash to point safety (and is expected collision resistant).
- ed25519 -> wei conversion
  - point_to_ed_derivatives
  - ed_derivatives_to_wei_x_y
  - fe_ed_derivatives_to_wei_x_y
  - fe_reduce
Review: safety, constant-timedness in crypto functions (excluding rct).
Out of scope (slated for future optional audit):
- Torsion check
  - torsion_check_vartime
  - get_valid_torsion_cleared_point_fast
Audit 2: Integrated Crypto
- output_to_tuple
- output_to_pre_leaf_tuple
- selene_scalar_from_bytes
- set_valid_leaves
- hash_grow
- hash_init_point
- point_to_cycle_scalar
- from_bytes / to_bytes
Audit 3: Curve Tree Building
- get_tree_extension
- get_leaf_layer_grow_instructions
- hash_children_chunks
- set_next_layer_extension
- get_grow_layer_instructions
- get_next_layer_extension
Audit 4: Consensus Integration
- advance_tree
- grow_tree
- trim_block
- trim_tree
- get_last_path
- handle_fcmp_tree
- batch_verify_fcmp_pp_txs
  - batchVerifyFcmpPpProofs
  - // Make sure the block uses the correct FCMP++ tree root and n tree layers