Skip to content

Derive Hash for Signature #441

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 9, 2022
Merged

Derive Hash for Signature #441

merged 1 commit into from
May 9, 2022
+1 −1

Conversation

tcharding
Copy link
Member

@tcharding tcharding commented May 6, 2022
edited
Loading

In preparation for deriving Hash in miniscript, derive Hash on the ecdsa::Signature.

ref: rust-bitcoin/rust-miniscript#226

@tcharding
Derive Hash for Signature

Unverified

This commit is not signed, but one or more authors requires that any commit attributed to them is signed.
Learn about vigilant mode
ef7f197 
In preparation for deriving `Hash` in miniscript, derive `Hash` on the
`ecdsa::Signature`.
This was referenced May 6, 2022
Merged
Closed
@apoelstra
Copy link
Member

I wonder what guarantees Hash is supposed to have. I guess, only that it's compatible with Eq...but in particular, this implementation will give different hash values when the library is compiled with a different endianness.

apoelstra
apoelstra approved these changes May 6, 2022
View reviewed changes
Copy link
Member

@apoelstra apoelstra left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK ef7f197

but would like another ack before merging.

@tcharding
Copy link
Member Author

Am I understanding you correctly that you think the following workflow is broken?

A: little-endian machine
B: big-endian machine

  1. A: create data structure that includes a signature
  2. A: hash data structure
  3. A: serialize data structure 2
  4. send over wire to B
  5. B: deserialzie data structure 2 (as GOT)
  6. B: create data structure 1 that includes a signature (using same data as A used)
  7. B: hash data structure 1, put hash into data structure 2 (as WANT)
  8. B: Expect GOT == WANT

If the assertion in (8) is not true doesn't that basically break all portability for any data structure that uses Hash and since its std::hash::Hash this would imply that code written with the Rust stdlib is non-portable? That seems like a pretty big deal, I'd like to think that Rust guarantees the assertion in (8)? Or am I being brain dead?

@tcharding
Copy link
Member Author

Whatever direction we take, should this PR unify the derives on ecdsa::Signature and schnorr::Signature? The schnorr sig currently has no derives.

@elichai
Copy link
Member

elichai commented May 8, 2022

Due to differences in endianness and type sizes, data fed by Hash to a Hasher should not be considered portable across platforms. Additionally the data passed by most standard library types should not be considered stable between compiler versions.

From: https://doc.rust-lang.org/std/hash/trait.Hash.html#portability

elichai
elichai approved these changes May 8, 2022
View reviewed changes
Copy link
Member

@elichai elichai left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK ef7f197

@tcharding
Copy link
Member Author

Wow, thanks for the lesson.

@apoelstra apoelstra merged commit 6599e24 into rust-bitcoin:master May 9, 2022
@tcharding tcharding deleted the derive-hash branch May 11, 2022 22:13
@dr-orlovsky dr-orlovsky mentioned this pull request Jun 9, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@apoelstra apoelstra

@elichai elichai

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@tcharding @apoelstra @elichai