refactor(common): use underlying VK types instead of Vec<u8>

[distractedm1nd]

Noticed in the stream last night that SigningKey uses the correct underlying types from the curve libraries, while VerifyingKey uses Vec everywhere.

By enabling serde on the secp256k1 crate, we can derive serde. The only change this had elsewhere was that we now have to box the proof variant types in the proof enum.

Summary by CodeRabbit

• New Features

  • Enhanced the secp256k1 dependency to support serialization with the addition of the "serde" feature.
  • Improved type safety in handling public keys by using specific verification key types for Secp256k1 and Ed25519.

• Bug Fixes

  • Updated logic in the main function to ensure correct handling of verifying keys, enhancing type safety and error handling.

• Refactor

  • Streamlined the handling of public keys and proofs in the VerifyingKey enum and Proof enum, improving memory management and clarity.

• Tests

  • Adjusted test cases to reflect changes in key handling and verification processes.

[coderabbitai]

Walkthrough

The pull request introduces several changes across multiple files, primarily focusing on enhancing type safety and memory management. The Cargo.toml file updates the features for the secp256k1 dependency. The main.rs file modifies the way verifying keys are handled, ensuring type safety. Significant changes are made to the VerifyingKey enum in keys.rs, transitioning from byte vectors to specific verification key types. Additionally, updates in test_utils.rs and tree.rs improve proof handling and memory management without altering the overall logic.

Changes

File	Change Summary
Cargo.toml	Updated secp256k1 dependency features to include "serde" alongside "global-context" and "rand-std".
crates/bin/src/main.rs	Modified main function logic to enhance type safety in handling VerifyingKey, using pattern matching instead of direct conversion.
crates/common/src/keys.rs	Changed VerifyingKey enum variants from Vec<u8> to specific types Secp256k1VerifyingKey and Ed25519VerifyingKey. Updated methods for type safety.
crates/common/src/test_utils.rs	Altered insert_account and update_account methods to return proofs by value instead of reference.
crates/common/src/tree.rs	Updated Proof enum to use boxed variants for InsertProof and UpdateProof, modifying memory management and return types in related methods.

Possibly related PRs

• refactor: refactoring into crates and adding nova, sp1 #115: Changes in the Cargo.toml regarding workspace configuration and dependencies may impact the management of features like secp256k1.
• feat(WIP): secp256k1-support, rename PublicKey to VerifyingKey #134: Directly relates to the modification of secp256k1 features in the Cargo.toml, indicating a strong connection in dependency management.
• feat: replace ed25519-dalek with ed25519-consensus #138: The replacement of ed25519-dalek with ed25519-consensus indicates a significant change in cryptographic handling that may connect with the updates in the main PR regarding dependencies and features.
• feat(common) Allow adding signed data #141: The introduction of new operation types and modifications to existing structures in the Operation enum may relate to the changes in the main PR, which also focuses on enhancing the functionality of the secp256k1 dependency and its integration.
• feat(common) Operation nonces #147: The addition of operation nonces and modifications to the Digest struct may connect with the changes in the main PR, as both involve enhancements to the handling of operations and cryptographic elements within the codebase.

Suggested reviewers

• sebasti810

🐰 In the code, we hop and play,
With keys and proofs, we find our way.
From Vec<u8> to types so bright,
We craft our paths, a joyful sight!
With features added, we leap with glee,
In the world of Rust, we're wild and free! 🐇✨

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 2

🧹 Outside diff range and nitpick comments (1)

crates/bin/src/main.rs (1)

43-46: Consider adding debug logging for rejected key types.

When a non-Ed25519 key is provided, it's silently converted to None. Consider adding debug logging to help troubleshoot configuration issues.

 .and_then(|vk: VerifyingKey| match vk {
     VerifyingKey::Ed25519(key) => Some(key),
-    _ => None,
+    other => {
+        debug!("Ignoring non-Ed25519 verifying key: {:?}", other);
+        None
+    },
 });

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between fa6fd7b and e691d43.

⛔ Files ignored due to path filters (1)

• Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (5)

• Cargo.toml (1 hunks)
• crates/bin/src/main.rs (1 hunks)
• crates/common/src/keys.rs (6 hunks)
• crates/common/src/test_utils.rs (2 hunks)
• crates/common/src/tree.rs (4 hunks)

🔇 Additional comments (7)

crates/bin/src/main.rs (1)

43-46: LGTM! Improved type safety with explicit variant handling.

The change from try_into() to pattern matching enhances type safety by explicitly handling the Ed25519 variant and rejecting others, which aligns well with the PR's objective of using proper underlying types.

Cargo.toml (2)

84-88: LGTM! Feature addition aligns with refactoring goals.

Adding the "serde" feature to secp256k1 is appropriate for transitioning from Vec<u8> to proper verification key types.

---

84-88: Verify patch compatibility with serde feature.

The secp256k1 dependency is using a patched version. Let's verify that the patch supports the serde feature.

✅ Verification successful

Let me gather more information about the secp256k1 dependency to verify if it's actually using a patch and if the serde feature is supported.

---

Let me check the patched repository to verify if the serde feature is supported in the specific branch.

---

Serde feature is supported in the patched version

The patched repository (sp1-patches/rust-secp256k1) at branch patch-secp256k1-v0.29.0 contains serde-related files (src/serde_util.rs and tests/serde.rs), indicating that serde serialization is implemented and tested. The presence of these files confirms that the serde feature is supported in the patched version.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify that the patched secp256k1 repository supports the serde feature

# Test: Check if the patch branch exists and contains serde feature
gh repo view sp1-patches/rust-secp256k1 --json defaultBranchRef -q .defaultBranchRef.name
gh repo view sp1-patches/rust-secp256k1 --json description -q .description

# Test: Look for serde-related changes in Cargo.toml
rg -A 5 'serde.*features' Cargo.toml

Length of output: 446

---

Script:

#!/bin/bash
# Check if there's a patch specification for secp256k1 in Cargo.toml
rg -A 3 'patch.crates-io' Cargo.toml

# Look for the actual secp256k1 dependency declaration
rg -A 5 '^secp256k1.*=' Cargo.toml

# Check if there are any workspace patches
fd Cargo.toml --exec rg -A 3 'patch.crates-io' {}

Length of output: 1245

---

Script:

#!/bin/bash
# Fetch the Cargo.toml from the patched repository's specific branch
gh api /repos/sp1-patches/rust-secp256k1/contents/Cargo.toml?ref=patch-secp256k1-v0.29.0 --jq '.content' | base64 -d | rg -A 5 'serde.*feature|^\[features\]' || echo "Failed to fetch Cargo.toml"

# Check for any serde-related files or implementations
gh api /repos/sp1-patches/rust-secp256k1/git/trees/patch-secp256k1-v0.29.0?recursive=1 --jq '.tree[].path' | rg 'serde|impl.*Serialize' || echo "Failed to fetch tree"

Length of output: 469

crates/common/src/test_utils.rs (2)

108-108: LGTM: Consistent with insert_account changes.

The dereferencing of the update proof follows the same safe pattern as insert_account, maintaining consistency in proof handling.

---

94-94: LGTM: Proof dereferencing aligns with boxed variant changes.

The dereferencing of the insert proof is correct and consistent with the PR's changes to box proof variants.

Let's verify the Proof enum's boxing:

✅ Verification successful

Dereferencing of boxed proof is correct and consistent with implementation

The verification confirms that in crates/common/src/tree.rs, the Proof enum variants are indeed boxed:

pub enum Proof {
    Update(Box<UpdateProof>),
    Insert(Box<InsertProof>),
}

Therefore, dereferencing the boxed proof with *insert_proof in the test utilities is the correct approach to extract the inner value.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify that Proof variants are now boxed
ast-grep --pattern 'enum Proof {
  Insert(Box<$_>),
  Update(Box<$_>)
}'

Length of output: 74

---

Script:

#!/bin/bash
# Let's try a more flexible pattern to find the Proof enum definition
ast-grep --pattern 'enum Proof {
  $$$
}'

# Also search for any Proof enum usage
rg "enum Proof" -A 5

Length of output: 1038

crates/common/src/tree.rs (2)

188-189: LGTM! Boxing large proof variants improves memory efficiency.

The change to box the UpdateProof and InsertProof variants is a good optimization. This prevents the Proof enum from becoming too large on the stack, as proofs can contain significant amounts of data.

---

402-402: LGTM! Consistent boxing of proof variants.

The implementation consistently boxes the proofs when constructing the Proof enum variants across all code paths: process_operation, CreateAccount, and RegisterService operations.

Also applies to: 473-475, 494-496

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (1)

crates/common/src/keys.rs (1)

152-173: Consider adding more error case tests

While the current tests cover the happy path well, consider adding test cases for:

• Invalid base64 encoding
• Corrupted key bytes
• Wrong key type (e.g., Ed25519 bytes for Secp256k1)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between e691d43 and f5dfcf1.

⛔ Files ignored due to path filters (1)

• Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (5)

• Cargo.toml (1 hunks)
• crates/bin/src/main.rs (1 hunks)
• crates/common/src/keys.rs (6 hunks)
• crates/common/src/test_utils.rs (2 hunks)
• crates/common/src/tree.rs (4 hunks)

🚧 Files skipped from review as they are similar to previous changes (4)

• Cargo.toml
• crates/bin/src/main.rs
• crates/common/src/test_utils.rs
• crates/common/src/tree.rs

🧰 Additional context used

📓 Learnings (1)

crates/common/src/keys.rs (1)

Learnt from: distractedm1nd
PR: deltadevsde/prism#150
File: crates/common/src/keys.rs:27-31
Timestamp: 2024-10-29T15:02:10.475Z
Learning: In the Rust codebase of `prism`, within the `VerifyingKey::as_bytes` method in `crates/common/src/keys.rs`, returning a `Vec<u8>` is necessary because the underlying key types (`Secp256k1VerifyingKey` and `Ed25519VerifyingKey`) provide their byte representations by value. Returning a `&[u8]` would involve borrowing from a temporary value, which is not feasible.

🔇 Additional comments (5)

crates/common/src/keys.rs (5)

20-22: LGTM! Good improvement in type safety

The change from Vec<u8> to proper verification key types (Secp256k1VerifyingKey and Ed25519VerifyingKey) is a solid improvement. It provides better type safety and aligns the implementation with how SigningKey is structured.

---

27-31: LGTM! Necessary allocation confirmed

Based on the previous discussion, returning Vec<u8> is necessary here as the underlying key types provide their byte representations by value.

---

Line range hint 57-75: LGTM! Clean and efficient implementations

The From trait implementations are now more direct and efficient, properly utilizing the type system without unnecessary conversions.

---

103-112: LGTM! Well-documented and robust implementation

The try_from implementation properly handles key creation with:

• Accurate key length validation
• Specific error messages
• Direct creation of proper key types

---

37-46: Consider supporting different Secp256k1 signature formats

The signature length check of 64 bytes is still restrictive for Secp256k1 signatures, which can have different formats (e.g., DER-encoded signatures of 70-72 bytes). While the current implementation works with compact signatures, it might be worth documenting this limitation or supporting additional formats.

Consider:

1. Adding a doc comment specifying that only 64-byte compact signatures are supported
2. Or supporting DER format using Secp256k1Signature::from_der

Let's verify the signature format usage in the codebase: