Add comments from #4219

MystenLabs · Aug 30, 2022 · baa70af · baa70af
1 parent 29f25fe
commit baa70af
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 15 deletions.
diff --git a/crates/sui-config/src/genesis.rs b/crates/sui-config/src/genesis.rs
@@ -67,6 +67,9 @@ impl Genesis {
             .validator_set
             .iter()
             .map(|validator| {
+                // Strong requirement here for narwhal and sui to be on the same version of fastcrypto
+                // for AuthorityPublicBytes to cast to type alias PublicKey defined in narwhal to
+                // construct narwhal Committee struct.
                 let name = validator
                     .protocol_key()
                     .try_into()

diff --git a/crates/sui-types/src/README.md b/crates/sui-types/src/README.md
@@ -6,25 +6,20 @@ Currently, three files are equipped with signature and hashing functionality (`c
 `messages.rs`). As of today: account signatures utilize the ed25519 scheme. Regarding validators, they still utilize the
 ed25519 scheme, but we’re exploring transitioning to BLS12-381 due to native aggregation functionality.
 
-For security purposes (i.e., the recent [Chalkias double pub-key api vulnerability](https://github.com/MystenLabs/ed25519-unsafe-libs))
-and forward evolution, we wrap existing structs/functions into our own crates. In particular, our
-current backing ed25519 library is `ed25519-dalek` and for BLS it's the `blst` crate; both of them have proven 
-themselves as some of the fastest Rust implementations for these algorithms.
-*Note that we're going to replace the [dalek-ed25519](https://github.com/dalek-cryptography/ed25519-dalek)
-backing library with [ed25519-consensus](https://github.com/penumbra-zone/ed25519-consensus), which enforces co-factored
-ed25519 signature verification and enables compatibility between single and batch verification.*
+Sui uses fastcrypto with an extension trait by adding an additional 1-byte flag to identify signatures `flag || signature` with its associated signing scheme. See [fastcrypto](https://github.com/MystenLabs/fastcrypto) for concrete implementation of various cryprography libraries.
 
 ## Quick links
 
-* [crypto.rs](crypto.rs), the main library for cryptography (sign/verify/hash) structs and functions.
-* [signature_seed.rs](signature_seed.rs), deterministic signer using a seed, domain and some key identifier. Potential 
-usage includes custodial services, in which user keys are not deterministically derived from BIP44/BIP32, but from their 
-username (i.e., email address).
-* [messages.rs](messages.rs), functionality for adding/verifying signatures to transactions (for both account holders 
-and validators).
+- [crypto.rs](crypto.rs), the main library for cryptography (sign/verify/hash) structs and functions.
+- [signature_seed.rs](signature_seed.rs), deterministic signer using a seed, domain and some key identifier. Potential
+  usage includes custodial services, in which user keys are not deterministically derived from BIP44/BIP32, but from their
+  username (i.e., email address).
+- [messages.rs](messages.rs), functionality for adding/verifying signatures to transactions (for both account holders
+  and validators).
 
 ## Tests
 
 Unit tests exist under the `unit_tests` folder, in particular
-* `messages_tests`: to handle signed values, aggregation and certificates.
-* `signature_seed_tests`: for deterministic key derivation functionality.
+
+- `messages_tests`: to handle signed values, aggregation and certificates.
+- `signature_seed_tests`: for deterministic key derivation functionality.