deprecate the use of some mathlib curves #1203 #1204

adecaro · 2025-08-13T05:09:14Z

This PR does the following:

It switches to Gurvy-based cuvers
It cleans up the deserialization process

adecaro · 2025-08-13T14:26:51Z

@ale-linux @mbrandenburger , after this gets in, I'll rework #1147 to test for race conditions the curves we use.

mbrandenburger

Great PR! Thanks @adecaro

mbrandenburger · 2025-09-04T07:50:28Z

integration/nwo/token/generators/crypto/zkatdlognoghv1/gen.go


 	"github.com/IBM/idemix"
-	math3 "github.com/IBM/mathlib"
+	mathlib "github.com/IBM/mathlib"


probably this alias is not even needed anymore

it does because the go module has mathlib but the files have math as package

mbrandenburger · 2025-09-04T07:52:47Z

integration/token/interop/fabtoken/fabtoken_test.go

 		DefaultTMSOpts:  common.TMSOpts{TokenSDKDriver: fabtokenv1.DriverIdentifier},
 		SDKs:            []nodepkg.SDK{&ffabtoken.SDK{}},
-		FSCLogSpec:      "token-sdk=debug:fabric-sdk=debug:info",
+		// FSCLogSpec:      "debug",


this looks very repetitive; maybe worth refactoring in another PR

mbrandenburger · 2025-09-04T07:54:26Z

token/core/zkatdlog/nogh/v1/audit/testdata/bls12_381_bbs/ca/ca/IssuerSecretKey

@@ -0,0 +1 @@
+Z�QH�"��>�!C�D;�F�>cP�jy��5


I am wondering why the revocation key is stored as a beautiful pem, whereas the issuer keys are dumped into the files are pure binary.

mbrandenburger · 2025-09-04T07:55:39Z

token/core/zkatdlog/nogh/v1/audit/testdata/generate.go

+package testdata
+
+//go:generate idemixgen ca-keygen --output ./bls12_381_bbs/ca --curve BLS12_381_BBS --aries
+//go:generate idemixgen signerconfig --ca-input ./bls12_381_bbs/ca --output ./bls12_381_bbs/idemix --admin -u example.com -e alice -r 150 --curve BLS12_381_BBS --aries


--curve BLS12_381_BBS can we use the non-gurvey curve here because both are compatible?

exactly, they are. I left like this to make sure this remains

mbrandenburger · 2025-09-04T07:57:19Z

token/core/zkatdlog/nogh/v1/audit/auditor_test.go

 		var err error
 		fakeSigningIdentity = &mock.SigningIdentity{}
-		ipk, err := os.ReadFile("./testdata/idemix/msp/IssuerPublicKey")
+		ipk, err := os.ReadFile("./testdata/bls12_381_bbs/idemix/msp/IssuerPublicKey")


maybe a good idea to move ./testdata/bls12_381_bbs/idemix/ into a constant and use it throughout this test.

mbrandenburger · 2025-09-04T07:59:51Z

token/core/zkatdlog/nogh/v1/transfer/transfer_test.go


 func prepareZKTransfer() (*transfer.Prover, *transfer.Verifier) {
-	pp, err := v1.Setup(32, nil, math.FP256BN_AMCL)
+	pp, err := v1.Setup(32, nil, math.BN254)


this might be another candidate math.BN254 to move into a constant for this package.

mbrandenburger · 2025-09-04T08:02:06Z

token/core/zkatdlog/nogh/v1/validator/testdata/generate.go

+//go:generate idemixgen ca-keygen --output ./bls12_381_bbs/ca --curve BLS12_381_BBS --aries
+//go:generate idemixgen signerconfig --ca-input ./bls12_381_bbs/ca --output ./bls12_381_bbs/idemix --admin -u example.com -e alice -r 150 --curve BLS12_381_BBS --aries


I am wondering if the auditor and the validator could share the generated testdata?

mbrandenburger · 2025-09-04T08:03:57Z

token/services/db/sql/common/identity.go

 		tables,
-		secondcache.NewTyped[bool](5000),
-		secondcache.NewTyped[[]byte](5000),
+		cache2.NewNoCache[bool](),


Just reading this line - I am a bit clueless what is instantiated here a new no cache from the cache2 package?

As this is the constructor NewCachedIdentityStore, shouldn't it use the ristretto-based cache impl?

good catch, will fix

mbrandenburger · 2025-09-04T08:11:40Z

token/services/ttx/finality.go

 	// therefore we need to check more often before the timeout happens
 	dbChannel := make(chan common.StatusEvent, 1)
-	defer close(dbChannel)
+


who is closing the channel?

so, checking the documentation I found that closing should be used just for termination signaling not for resources release. So, closing earlier the channel can generate a panic on the db side when trying to push an event.

mbrandenburger

LGTM % the my comments above :)

Signed-off-by: Angelo De Caro <[email protected]>

…stener is not removed yet due to locking Signed-off-by: Angelo De Caro <[email protected]>

Signed-off-by: Angelo De Caro <[email protected]>

adecaro added this to the Q3/25 milestone Aug 13, 2025

adecaro requested review from mbrandenburger and ale-linux August 13, 2025 05:09

adecaro self-assigned this Aug 13, 2025

adecaro added the enhancement New feature or request label Aug 13, 2025

adecaro linked an issue Aug 13, 2025 that may be closed by this pull request

deprecate the use of some mathlib curves #1203

Closed

adecaro changed the title ~~deprecate the problematic curves, must fix the unit-tests~~ deprecate the use of some mathlib curves #1203 Aug 13, 2025

adecaro force-pushed the 1203-deprecate-the-use-of-some-mathlib-curves branch from ebdcc92 to a1fa6f9 Compare August 13, 2025 05:10

adecaro force-pushed the 1203-deprecate-the-use-of-some-mathlib-curves branch from 87b7be1 to ee53699 Compare August 17, 2025 06:47

adecaro marked this pull request as draft August 17, 2025 06:47

adecaro force-pushed the 1203-deprecate-the-use-of-some-mathlib-curves branch 5 times, most recently from 0273b97 to ea48e72 Compare September 3, 2025 08:22

adecaro marked this pull request as ready for review September 4, 2025 05:18

mbrandenburger reviewed Sep 4, 2025

View reviewed changes

mbrandenburger self-requested a review September 5, 2025 08:18

mbrandenburger approved these changes Sep 5, 2025

View reviewed changes

adecaro added 10 commits September 7, 2025 11:07

deprecate the problematic curves, must fix the unit-tests

cf5d721

Signed-off-by: Angelo De Caro <[email protected]>

deprecation completed, FP256BN_AMCL is only used in tests

4468217

Signed-off-by: Angelo De Caro <[email protected]>

lint fix

e69b9d5

Signed-off-by: Angelo De Caro <[email protected]>

testdata files

9a83268

Signed-off-by: Angelo De Caro <[email protected]>

debug logs

95fc4f2

Signed-off-by: Angelo De Caro <[email protected]>

fix when selecting aries

574e0d8

Signed-off-by: Angelo De Caro <[email protected]>

more logs

9a28379

Signed-off-by: Angelo De Caro <[email protected]>

introduce typed signer deserializer

e031625

Signed-off-by: Angelo De Caro <[email protected]>

fix

de6a74f

Signed-off-by: Angelo De Caro <[email protected]>

re-enable cache

2f7a9d9

Signed-off-by: Angelo De Caro <[email protected]>

adecaro added 3 commits September 7, 2025 11:07

cleanup

4d6d599

Signed-off-by: Angelo De Caro <[email protected]>

aries flag cleanup

a8dd61c

Signed-off-by: Angelo De Caro <[email protected]>

closig the channel can cause panic at the notification time if the li…

182c8ba

…stener is not removed yet due to locking Signed-off-by: Angelo De Caro <[email protected]>

adecaro force-pushed the 1203-deprecate-the-use-of-some-mathlib-curves branch from d0f6251 to 182c8ba Compare September 7, 2025 09:07

fix

5302d1f

Signed-off-by: Angelo De Caro <[email protected]>

adecaro merged commit c7632e9 into main Sep 10, 2025
52 checks passed

adecaro deleted the 1203-deprecate-the-use-of-some-mathlib-curves branch September 10, 2025 13:32

		@@ -0,0 +1 @@
		Z�QH�"��>�!C�D;�F�>cP�jy��5 No newline at end of file

		//go:generate idemixgen ca-keygen --output ./bls12_381_bbs/ca --curve BLS12_381_BBS --aries
		//go:generate idemixgen signerconfig --ca-input ./bls12_381_bbs/ca --output ./bls12_381_bbs/idemix --admin -u example.com -e alice -r 150 --curve BLS12_381_BBS --aries

deprecate the use of some mathlib curves #1203 #1204

deprecate the use of some mathlib curves #1203 #1204

Uh oh!

Conversation

adecaro commented Aug 13, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

adecaro commented Aug 13, 2025

Uh oh!

mbrandenburger left a comment

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

mbrandenburger left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

adecaro commented Aug 13, 2025 •

edited

Loading