Algorand's implementation of pixel consensus signature

Primary language: Rust. License: MIT.

Pixel signature scheme

This is Algorand's implementation of the Pixel signature scheme over the BLS12-381 curve. Useful links:

  • Paper
  • Spec
  • Rust code: this repo
  • Python code
  • Another Python implementation: this code is only for generating test vectors and cross-comparing with the Rust output. It should not be used for any other purpose.

Dependencies

  • Pairing-plus library: Github, Crate.io
    • A fork of zkcrypto's pairing library, with additional functions such as hash to groups and membership testing.
    • We rely heavily on this library for the underlying arithmetic.
  • Pixel_param: Github
    • We use the default parameters generated from this crate.
  • BLS_SIG: Github, Crate.io
    • This library is only used for generating and verifying proof of possession.

Code status

  • Version Alpha.
  • This code has NOT been deployed in production.
  • This code has been externally audited by two consulting firms.

Build options

  • cargo build builds a debug version;
  • cargo build --release builds the release version;

Test options

  • cargo test [--release] runs basic tests;
  • cargo test [--release] -- --ignored runs long tests;
  • cargo bench runs benchmarks.

Cross comparison with python code

  • test_vector calls this Rust library to generate a list of test vectors.
  • pixel-python/test_vector.py is a Python script that generates a list of test vectors.
  • test_vector.py also checks that the binary outputs of Rust and Python match.

Quality control

We follow the guidelines from Facebook's Libra source code and the Rust API Guidelines.

  • cargo fmt for coding style
  • cargo clippy --all-targets --all-features -- -D warnings for lint
  • cargo doc for documentation.

Exceptions:

  • Facebook's guidelines suggest having a test file alongside the source code. Pixel has a separate test folder that contains all test code.

Crypto Hygiene

  • Variables that store secret data are named with the suffix _sec. Always ensure primitive types are cleaned with the Zeroize crate or passed to the caller. Secret-key-related structures implement zeroing on drop.
  • Avoid using clone() on secret data where possible, since it creates two copies of the data. If clone() is used, always clean the copy after use.
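
The hygiene rules above, as an added example that is not code from this repository. SecretKey, from_seed, duplicate, checksum and wipe are hypothetical names, and wipe is a dependency-free stand-in for the Zeroize crate's zeroize() so that the file compiles on its own.

```rust
use std::ptr::write_volatile;
use std::sync::atomic::{compiler_fence, Ordering};

/// Overwrite a buffer with zeros. Volatile writes plus a fence keep the
/// compiler from discarding the stores as dead writes before a free.
/// Assumption: stands in for Zeroize's `zeroize()` to avoid a dependency.
fn wipe(buf_sec: &mut [u8]) {
    for b in buf_sec.iter_mut() {
        unsafe { write_volatile(b, 0) };
    }
    compiler_fence(Ordering::SeqCst);
}

/// Hypothetical secret-key holder (not a type from the pixel crate).
/// No `Clone`, `Copy` or `Debug` derive: copies and prints must be explicit.
pub struct SecretKey {
    bytes_sec: [u8; 32],
}

impl SecretKey {
    /// Takes the seed by `&mut` so the caller's buffer is cleaned here.
    pub fn from_seed(seed_sec: &mut [u8; 32]) -> Self {
        let sk = SecretKey { bytes_sec: *seed_sec };
        wipe(seed_sec);
        sk
    }

    /// Explicit second copy; it is a `SecretKey`, so it also wipes on drop.
    pub fn duplicate(&self) -> SecretKey {
        SecretKey { bytes_sec: self.bytes_sec }
    }

    /// Toy operation standing in for signing (XOR of the key bytes).
    pub fn checksum(&self) -> u8 {
        self.bytes_sec.iter().fold(0, |acc, b| acc ^ b)
    }
}

impl Drop for SecretKey {
    fn drop(&mut self) {
        wipe(&mut self.bytes_sec);
    }
}

fn main() {
    let mut seed_sec = [0x5a_u8; 32]; // constructed sample seed
    let sk = SecretKey::from_seed(&mut seed_sec);
    let copy = sk.duplicate();
    println!("seed wiped: {}", seed_sec.iter().all(|b| *b == 0));
    println!("checksums match: {}", sk.checksum() == copy.checksum());
} // `copy`, then `sk`, are wiped here by Drop
```

Returning sk by value is a move, and a move can leave a stale copy of the bytes on the stack that no destructor covers; zero-on-drop only cleans the value's final location.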

Interfaces documentation

  • Run cargo doc --open
  • See target/doc/pixel/index.html

Wrapper