diff --git a/src/extended_range_proof.rs b/src/extended_range_proof.rs
index 7850dc25..4bf7a2ec 100644
--- a/src/extended_range_proof.rs
+++ b/src/extended_range_proof.rs
@@ -5,6 +5,8 @@ use std::{string::ToString, vec::Vec};
+use zeroize::{Zeroize, ZeroizeOnDrop};
+
 use crate::{
 commitment::{ExtensionDegree, HomomorphicCommitment},
 errors::RangeProofError,
@@ -99,7 +101,7 @@ pub trait ExtendedRangeProofService {
 /// Extended blinding factor vector used as part of the witness to construct an extended proof, or rewind data
 /// extracted from a range proof containing the mask (e.g. blinding factor vector).
-#[derive(Debug, Clone, PartialEq, Eq)]
+#[derive(Debug, Clone, PartialEq, Eq, Zeroize, ZeroizeOnDrop)]
 pub struct ExtendedMask
 where K: SecretKey
 {
@@ -200,7 +202,7 @@ where PK: PublicKey
 /// The extended witness contains the extended mask (blinding factor vector), value and a minimum value
 /// promise; this will be used to construct the extended range proof
-#[derive(Clone)]
+#[derive(Clone, Zeroize, ZeroizeOnDrop)]
 pub struct ExtendedWitness
 where K: SecretKey
 {
diff --git a/src/ristretto/pedersen/extended_commitment_factory.rs b/src/ristretto/pedersen/extended_commitment_factory.rs
index 232b24ce..c38dceb0 100644
--- a/src/ristretto/pedersen/extended_commitment_factory.rs
+++ b/src/ristretto/pedersen/extended_commitment_factory.rs
@@ -11,6 +11,7 @@ use curve25519_dalek::{
 scalar::Scalar,
 traits::{Identity, MultiscalarMul},
 };
+use zeroize::Zeroizing;
 #[cfg(feature = "precomputed_tables")]
 use crate::ristretto::pedersen::scalar_mul_with_pre_computation_tables;
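Review bot: The new derive line for `ExtendedMask` keeps `Debug`, so a type the commit now treats as secret material (scrubbed on drop) can still be printed in full by any `{:?}` log or panic message, unless `K`'s own `Debug` impl redacts the scalars, which nothing in this diff shows. A hand-written `Debug` that emits only the number of blinding factors would close that gap without affecting the zeroize behaviour. Note also that the derive only compiles if `Vec<K>: Zeroize`, i.e. `K: Zeroize`, so the `SecretKey` trait (outside this diff) presumably carries that bound; worth confirming rather than relying on it implicitly. The doc comments on both `ExtendedMask` and `ExtendedWitness` (next hunk) should state the new guarantee, e.g. `/// Zeroized on drop; each clone is zeroized independently when it is dropped.`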
@@ -84,14 +85,8 @@ impl ExtendedPedersenCommitmentFactory {
 }
 /// Creates a Pedersen commitment using the value scalar and a blinding factor vector
- pub fn commit_scalars(
- &self,
- value: &Scalar,
- blinding_factors: &[Scalar],
- ) -> Result
- where
- for<'a> &'a Scalar: Borrow,
- {
+ fn commit_scalars(&self, value: &Scalar, blinding_factors: &[Scalar]) -> Result
+ where for<'a> &'a Scalar: Borrow {
 if blinding_factors.is_empty() || blinding_factors.len() > self.extension_degree as usize {
 Err(CommitmentError::CommitmentExtensionDegree {
 reason: "blinding vector".to_string(),
@@ -166,7 +161,7 @@ impl ExtendedHomomorphicCommitmentFactory for ExtendedPedersenCommitmentFactory
 k_vec: &[RistrettoSecretKey],
 v: &RistrettoSecretKey,
 ) -> Result {
- let blinding_factors: Vec = k_vec.iter().map(|k| k.0).collect();
+ let blinding_factors: Zeroizing> = Zeroizing::new(k_vec.iter().map(|k| k.0).collect());
 let c = self.commit_scalars(&v.0, &blinding_factors)?;
 Ok(HomomorphicCommitment(RistrettoPublicKey::new_from_pk(c)))
 }
diff --git a/src/ristretto/ristretto_keys.rs b/src/ristretto/ristretto_keys.rs
index 16fc25c3..ee9bf0cf 100644
--- a/src/ristretto/ristretto_keys.rs
+++ b/src/ristretto/ristretto_keys.rs
@@ -65,7 +65,7 @@ impl borsh::BorshSerialize for RistrettoSecretKey {
 impl borsh::BorshDeserialize for RistrettoSecretKey {
 fn deserialize_reader(reader: &mut R) -> Result
 where R: borsh::maybestd::io::Read {
- let bytes: Vec = borsh::BorshDeserialize::deserialize_reader(reader)?;
+ let bytes: Zeroizing> = Zeroizing::new(borsh::BorshDeserialize::deserialize_reader(reader)?);
 Self::from_canonical_bytes(bytes.as_slice())
 .map_err(|e| borsh::maybestd::io::Error::new(borsh::maybestd::io::ErrorKind::InvalidInput, e.to_string()))
 }
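Review bot: The added signature drops `pub` from `commit_scalars`, a breaking API change that has nothing to do with zeroization and is not called out anywhere in this diff; the removal of the `From<Scalar>` impl for `RistrettoSecretKey` in the last hunk is the same kind of unannounced break. If narrowing the surface is intended, record it in the changelog and make the intent explicit with `pub(crate) fn commit_scalars(...)` rather than bare `fn`. The doc comment above should also say how the borrowed secrets are expected to be held, e.g. `/// `blinding_factors` are only borrowed; keep them in a `Zeroizing` container at the call site.` The body of `commit_scalars` continues outside the hunk, so whether it makes its own copies of the scalars cannot be checked here.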
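Review bot: `Zeroizing::new(...)` on the new `blinding_factors` line scrubs only the buffer it ends up owning, so the construction is sound here just because a slice `iter().map()` has an exact `size_hint` and `collect()` allocates once; a later edit that inserts a `filter` or grows the vector afterwards would leave an earlier, unscrubbed reallocation behind. That invariant deserves a comment on the line, e.g. `// exact-size iterator: collect() allocates once, so Zeroizing covers every copy of the scalars`. Note that `k.0` copies each `Scalar` out of the caller's `RistrettoSecretKey`, so the caller's `k_vec` remains its own responsibility. The function's name is outside the hunk; only its parameters and closing brace are visible.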
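Review bot: In `deserialize_reader`, `Zeroizing::new(...)` wraps the `Vec<u8>` only after borsh has fully built it, so any scratch buffer borsh or the underlying `Read` uses, and the caller's source buffer, stay unscrubbed; that is acceptable, but a reader of this line may assume the whole deserialization path is covered. A suggested comment above the new line: `// Zeroizing scrubs this copy on drop; buffers inside `reader`/borsh and the caller's input are not covered`. A smaller point: the `map_err` closure forwards `e.to_string()` from `from_canonical_bytes`, and if that `Display` ever includes the rejected bytes they would land in the I/O error message; the impl is outside this hunk, so worth confirming.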
@@ -234,12 +234,6 @@ impl From for RistrettoSecretKey {
 }
 }
-impl From for RistrettoSecretKey {
- fn from(s: Scalar) -> Self {
- RistrettoSecretKey(s)
- }
- }
-
 //--------------------------------------------- Borrow impl -------------------------------------------------//
 impl<'a> Borrow for &'a RistrettoSecretKey {