Initial impl for IdSecret#320
Conversation
Benchmark for d44204aClick to view benchmark
|
Benchmark for 8250efdClick to view benchmark
|
Benchmark for 8250efdClick to view benchmark
|
Benchmark for 8250efdClick to view benchmark
|
Benchmark for 4055caeClick to view benchmark
|
Benchmark for 4055caeClick to view benchmark
|
Benchmark for 4055caeClick to view benchmark
|
Benchmark for 81859a3Click to view benchmark
|
Benchmark for b132459Click to view benchmark
|
Benchmark for 81859a3Click to view benchmark
|
Benchmark for b132459Click to view benchmark
|
Benchmark for 81859a3Click to view benchmark
|
Benchmark for b132459Click to view benchmark
|
Benchmark for e0fcd15Click to view benchmark
|
Benchmark for e0fcd15Click to view benchmark
|
Benchmark for e0fcd15Click to view benchmark
|
Benchmark for 70a484fClick to view benchmark
|
Benchmark for 70a484fClick to view benchmark
|
Benchmark for 70a484fClick to view benchmark
|
Benchmark for b3c12e9Click to view benchmark
|
Benchmark for b3c12e9Click to view benchmark
|
Benchmark for b3c12e9Click to view benchmark
|
| } else { | ||
| println!("DUPLICATE message ID detected! Reveal identity secret hash: {leaked_identity_secret_hash}"); | ||
| println!( | ||
| "DUPLICATE message ID detected! Reveal identity secret hash: ********" |
There was a problem hiding this comment.
I think it makes sense to print the secret in the example, because we mostly use it for display, and if we can't show the secret on the screen, it would be weird.
There was a problem hiding this comment.
@sydhds
I think it's fine to keep the code as-is and use the Display macro for IdSecret, since the secret key is just a random value in this example.
Zeroize only clears memory after it's no longer in use—it doesn't protect data while it's active. So keeping the example simple is better, and printing the secret isn't a problem here.
|
|
||
| Ok([ | ||
| ("identitySecret", vec![rln_witness.identity_secret]), | ||
| // FIXME |
There was a problem hiding this comment.
Pb here is that we are creating a copy of IdSecret (because *rln_witness.identity_secret create a copy of the underlying Fr) so it "leaks" the secret key here. Problem here is the return type of the function [(_, Vec)] as we ideally should return the IdSecret here. Any idea of how to fix this?
There was a problem hiding this comment.
I'm not sure we can change anything.
the function is used just before the start of the witness calculation and there we need a field element already, not another type
I guess it makes sense to leave a comment here?
There was a problem hiding this comment.
I've added an enum and added some zeroize in iden3calc code. Let me know what you think about this :)
| for (index, identity) in &self.local_identities { | ||
| println!("User Index: {index}"); | ||
| println!("+ Identity Secret Hash: {}", identity.identity_secret_hash); | ||
| println!("+ Identity Secret Hash: ********"); |
There was a problem hiding this comment.
Same goes for this example
There was a problem hiding this comment.
Sorry should be good now
There was a problem hiding this comment.
There are a few Clippy warnings in this file when using the stateless feature, such as with cargo make test_stateless on rln module or in the rln-wasm module.
Benchmark for 799be5aClick to view benchmark
|
Or you can leave it and merge this PR, I'll resolve it later this week while doing the update CI task for zerokit. |
I think it makes sense to follow it. it's not so much to change |
1aa7cf8 to
503b760
Compare
Benchmark for 7940167Click to view benchmark
|
Benchmark for 7940167Click to view benchmark
|
Benchmark for 7940167Click to view benchmark
|
No description provided.