fix: check the key byte length generically

[sdbondi]

CompressedKey assumes the key length is 32 in from_canonical_bytes.

Made CompressedKey::new private since it is not used externally and needs to be used correctly, as it does not check byte length or if the compressed key bytes are valid

Summary by CodeRabbit

• Refactor
  • Enhanced key management by refining validation routines to enforce dynamic key length requirements.
  • Improved encapsulation of internal key creation, ensuring that constraints are consistently applied for improved reliability.

[coderabbitai]

Walkthrough

The changes modify the key handling and trait implementations in two files. In src/compressed_key.rs, the constructor new for CompressedKey<T> is made private, and the ByteArray trait implementation now requires that T implements the PublicKey trait. The key length check is updated to use a type-specific constant (T::KEY_LEN), and where clauses have been reformatted. In src/ristretto/ristretto_keys.rs, the length verification in from_canonical_bytes now uses Self::KEY_LEN instead of a hardcoded value. These updates enhance encapsulation and type consistency.

Changes

File(s)	Change Summary
src/compressed_key.rs	- Changed pub fn new(key: &[u8]) to a private fn new(key: &[u8]) - Enforced type constraint in impl<T: PublicKey> ByteArray for CompressedKey<T> - Updated key length check to use T::KEY_LEN - Reformatted trait where clauses
src/ristretto/ristretto_keys.rs	- Modified from_canonical_bytes to validate using Self::KEY_LEN rather than a hardcoded length of 32 bytes

Sequence Diagram(s)

sequenceDiagram
    participant Internal
    participant CompressedKey
    Note right of CompressedKey: `new()` is now private
    Internal ->>+ CompressedKey: Request key creation
    CompressedKey -->>- Internal: Returns CompressedKey instance

Loading

sequenceDiagram
    participant Caller
    participant RistrettoPublicKey
    Caller ->> RistrettoPublicKey: Call from_canonical_bytes(bytes)
    alt bytes length equals Self::KEY_LEN
        RistrettoPublicKey -->> Caller: Return valid key object
    else
        RistrettoPublicKey -->> Caller: Return ByteArrayError::IncorrectLength
    end

Loading

Poem

I'm a rabbit, hopping with delight,
Over new code that feels just right.
Private methods tucked away so neat,
Type checks ensure our keys are sweet.
I nibble on bytes with a joyful cheer,
Celebrating changes from ear to ear! 🐰✨

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ce5e3e8 and 670eca1.

📒 Files selected for processing (2)

• src/compressed_key.rs (2 hunks)
• src/ristretto/ristretto_keys.rs (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• src/ristretto/ristretto_keys.rs
• src/compressed_key.rs

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai plan to trigger planning for file edits and PR creation.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Caution

Inline review comments failed to post. This is likely due to GitHub's limits when posting large numbers of comments. If you are seeing this consistently it is likely a permissions issue. Please check "Moderation" -> "Code review limits" under your organization settings.

Actionable comments posted: 2

🔭 Outside diff range comments (3)

src/compressed_key.rs (3)

133-137: ⚠️ Potential issue

Apply PublicKey trait bound to other implementations.

Several implementations are missing the PublicKey trait bound, causing pipeline failures. Methods like to_hex(), as_bytes(), and from_canonical_bytes() are provided by traits that now require T: PublicKey.

-impl<T> Hashable for CompressedKey<T> {
+impl<T: PublicKey> Hashable for CompressedKey<T> {

-impl<T> Hash for CompressedKey<T> {
+impl<T: PublicKey> Hash for CompressedKey<T> {

-impl<T> fmt::Display for CompressedKey<T> {
+impl<T: PublicKey> fmt::Display for CompressedKey<T> {

-impl<T> ConstantTimeEq for CompressedKey<T> {
+impl<T: PublicKey> ConstantTimeEq for CompressedKey<T> {

-impl<T> fmt::LowerHex for CompressedKey<T> {
+impl<T: PublicKey> fmt::LowerHex for CompressedKey<T> {

-impl<T> fmt::UpperHex for CompressedKey<T> {
+impl<T: PublicKey> fmt::UpperHex for CompressedKey<T> {

-impl<T> fmt::Debug for CompressedKey<T> {
+impl<T: PublicKey> fmt::Debug for CompressedKey<T> {

-impl<T> PartialEq for CompressedKey<T> {
+impl<T: PublicKey> PartialEq for CompressedKey<T> {

-impl<T> Eq for CompressedKey<T> {}
+impl<T: PublicKey> Eq for CompressedKey<T> {}

-impl<T> PartialOrd for CompressedKey<T> {
+impl<T: PublicKey> PartialOrd for CompressedKey<T> {

-impl<T> Ord for CompressedKey<T> {
+impl<T: PublicKey> Ord for CompressedKey<T> {

-impl<T> Zeroize for CompressedKey<T> {
+impl<T: PublicKey> Zeroize for CompressedKey<T> {

Also applies to: 139-144, 153-157, 159-163, 165-175, 177-181, 183-189, 191-201, 224-230

---

232-264: ⚠️ Potential issue

Add PublicKey trait bound to serde implementations.

The serde implementations also need the PublicKey trait bound to fix the pipeline failures related to from_hex(), to_hex(), and as_bytes() methods.

-impl<'de, T> Deserialize<'de> for CompressedKey<T> {
+impl<'de, T: PublicKey> Deserialize<'de> for CompressedKey<T> {

-impl<T> Serialize for CompressedKey<T> {
+impl<T: PublicKey> Serialize for CompressedKey<T> {

Additionally, the visitor implementation might need adjustment:

-        impl<T> Visitor<'_> for CompressedKeyVisitor<T> {
+        impl<T: PublicKey> Visitor<'_> for CompressedKeyVisitor<T> {

Also applies to: 266-277

🧰 Tools

🪛 GitHub Actions: Test

[error] 259-259: the trait bound T: PublicKey is not satisfied

🪛 GitHub Actions: Formatting, lints, and code checks

[error] 232-232: Formatting issue: Incorrect placement of 'where' clause. Expected 'where D: Deserializer<'de>' on the same line.

---

[error] 247-247: Formatting issue: Incorrect placement of 'where' clause. Expected 'where E: de::Error' on the same line.

---

114-130: ⚠️ Potential issue

Add PublicKey trait bound to borsh implementations.

The borsh implementations also need the PublicKey trait bound as they use as_bytes() and from_canonical_bytes().

-impl<T: borsh::BorshSerialize> borsh::BorshSerialize for CompressedKey<T> {
+impl<T: borsh::BorshSerialize + PublicKey> borsh::BorshSerialize for CompressedKey<T> {

-impl<T: borsh::BorshDeserialize> borsh::BorshDeserialize for CompressedKey<T> {
+impl<T: borsh::BorshDeserialize + PublicKey> borsh::BorshDeserialize for CompressedKey<T> {

🧰 Tools

🪛 GitHub Actions: Test

[error] 117-117: the method as_bytes exists for reference &CompressedKey<T>, but its trait bounds were not satisfied

---

[error] 128-128: the function or associated item from_canonical_bytes exists for struct CompressedKey<T>, but its trait bounds were not satisfied

🪛 GitHub Actions: Formatting, lints, and code checks

[error] 121-121: Formatting issue: Incorrect placement of 'where' clause. Expected 'where R: borsh::io::Read' on the same line.

🛑 Comments failed to post (2)

src/compressed_key.rs (2)

124-126: ⚠️ Potential issue

Fix the formatting of where clauses.

The pipeline failures show that these where clauses should be on the same line as the preceding line, not indented on separate lines.

-    where
-        R: borsh::io::Read,
-    {
+    where R: borsh::io::Read {

Apply similar fixes to all other where clauses to resolve the formatting errors.

Also applies to: 209-211, 235-237, 250-252, 269-271

---

203-213: 💡 Verification agent

🧩 Analysis chain

Good use of T::KEY_LEN and PublicKey trait bound.

Adding the PublicKey trait bound to the ByteArray implementation for CompressedKey<T> ensures that T has a KEY_LEN constant, and replacing the hardcoded key length check with T::KEY_LEN makes the code more adaptable to different key sizes.

However, there are several pipeline failures showing trait bound issues. The PublicKey trait bound needs to be applied consistently across other implementations that use methods requiring it.

---

🏁 Script executed:

#!/bin/bash
# Identify places where trait bounds are needed but missing

# Find places where to_hex or as_bytes are used without proper trait bounds
echo "Checking for missing trait bounds when using ByteArray methods:"
rg -A 2 "to_hex|as_bytes" src/compressed_key.rs | grep -v "where.*PublicKey"

# Find other implementations that might need the PublicKey trait bound
echo "Checking other implementations that might need PublicKey trait bound:"
rg "impl<T>" src/compressed_key.rs | grep -v "PublicKey"

Length of output: 1758

---

Action Required: Consistent PublicKey Trait Bound Across Implementations

The use of T::KEY_LEN in the ByteArray implementation is well done, ensuring that the key length check is flexible and adaptable. However, our pipeline failures indicate that several other implementations of CompressedKey<T> (e.g., those invoking to_hex and as_bytes) lack the PublicKey trait bound. This omission could lead to inconsistencies or errors in contexts where methods depend on a valid KEY_LEN from the trait.

Recommendations:

• Review and update all implementations for CompressedKey<T> (including Hashable, Hash, fmt::Display, fmt::LowerHex, fmt::UpperHex, fmt::Debug, PartialEq, PartialOrd, Ord, Zeroize, Visitor, and Serialize) to ensure they consistently include the PublicKey trait bound.
• Ensure that every method using functionalities like to_hex and as_bytes is appropriately constrained by the PublicKey trait so that T::KEY_LEN is always available.

Please address these missing trait bounds to resolve the pipeline failures.

🧰 Tools

🪛 GitHub Actions: Formatting, lints, and code checks

[error] 206-206: Formatting issue: Incorrect placement of 'where' clause. Expected 'where Self: Sized' on the same line.

[sdbondi]

Looks like more work is needed if ByteArray impl has the PublicKey trait bound - closing for now