Aaron Feickert

Results: 39 issues by Aaron Feickert

As noted in #6416, some signature functions use naming that indicates arbitrary input messages are challenges. This is not always the case, and may lead to confusion. It would be...

It's necessary every so often to bump the (pinned) nightly toolchain used in CI, often due to breaks elsewhere in the ecosystem. This can result in major headaches from accumulated...

It was suggested by @stringhandler in #6240 to support an "ownership proof" that proves knowledge of the opening of a commitment. While this is what a [`CommitmentSignature`](https://github.com/tari-project/tari-crypto/blob/e755b26d4da6cef8eb00023a1fdcc923fc71870f/src/signatures/commitment_signature.rs#L53-L57) is for, its...

There is a fair amount of duplication between `TariAddress` and `EmojiId`. Both represent a public key, but `TariAddress` additionally includes a network representation combined with the checksum. While the use...

Wallet integration tests in [this file](https://github.com/tari-project/tari/blob/79fcd03a36f1bd81f252b1db52acc5ecc9152e61/base_layer/wallet/tests/other/mod.rs) are not being run. It was determined by @SWvheerden that adding `mod other;` to [this file](https://github.com/tari-project/tari/blob/79fcd03a36f1bd81f252b1db52acc5ecc9152e61/base_layer/wallet/tests/wallet_integration_tests.rs) should take care of it (assuming no other...

Currently, there are two ways to create domain-separated hashers: `DomainSeparatedHasher` and `DomainSeparatedConsensusHasher`. The former is part of `tari-crypto`, and is designed to safely chain input data to mitigate the risk...

Currently, there is no way to signal the compromise of a validator node signing key. One approach under discussion is to have registration specify the public key of a "revocation...

The codebase uses three different Merkle proof structures: [Merkle mountain range](https://github.com/tari-project/tari/blob/1a66312d13dff7fd627930be88cfebffc4b08074/base_layer/mmr/src/merkle_proof.rs#L61-L70) (MMR) proofs, and [merged](https://github.com/tari-project/tari/blob/1a66312d13dff7fd627930be88cfebffc4b08074/base_layer/mmr/src/balanced_binary_merkle_proof.rs#L95-L100) and [unmerged](https://github.com/tari-project/tari/blob/1a66312d13dff7fd627930be88cfebffc4b08074/base_layer/mmr/src/balanced_binary_merkle_proof.rs#L33-L37) balanced binary Merkle tree (BBMT) proofs. In each case, the proof includes one...

C-bug
A-base_node

The codebase uses [Merkle mountain ranges](https://github.com/tari-project/tari/blob/54546c7cd9c96a587187bedce2d879b2db3892c7/base_layer/mmr/src/merkle_mountain_range.rs) to enable compact representations and proofs for different data structures. However, the implementation is vulnerable to [second-preimage attacks](https://en.wikipedia.org/wiki/Merkle_tree#Second_preimage_attack) since it [does not bind](https://github.com/tari-project/tari/blob/81a6cb5e6ac93eeeb386ce1c4f6b14263627bffb/base_layer/mmr/src/common.rs#L190-L192) node...

C-enhancement
A-security

A [recent PR](https://github.com/tari-project/tari/pull/5394) showed an instance where a Schnorr signature is used without domain separation. This is a good opportunity to check other uses of such signatures and ensure they...