Skip to content

Handle errors when resulting public or private key is invalid #120

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 8 commits into from
Mar 7, 2023
Merged

Handle errors when resulting public or private key is invalid #120

merged 8 commits into from
Mar 7, 2023

Conversation

@Mrtenz
Copy link
Member

@Mrtenz Mrtenz commented Mar 2, 2023
edited
Loading

This handles cases where the resulting public or private key after derivation is invalid (e.g., >= n, point at infinity, etc.). Previously we did not handle these situations at all. The chance of this happening is extremely low, but we need to handle it regardless to be compliant with BIP-32 and SLIP-10.

Unfortunately BIP-32 and SLIP-10 have a different way of handling this situation, so I had to refactor some code to make this possible:

  • The SLIP10Node class now accepts a "specification" field (bip32 or slip10), which determines how to handle errors.
    • This is always set to bip32 for BIP44Node.
    • If no specification is provided, we default to bip32 for secp256k1, and slip10 for ed25519.
  • Key derivation is now done sort of recursively, in that if the derivation fails, the same function is called again with the updated parameters (as described by the specification).

Related to MM-02-005.

@Mrtenz Mrtenz requested a review from a team as a code owner March 2, 2023 12:19
Mrtenz
Mrtenz commented Mar 2, 2023
View reviewed changes
Mrtenz
Mrtenz commented Mar 2, 2023
View reviewed changes
Mrtenz
Mrtenz commented Mar 2, 2023
View reviewed changes
@Mrtenz Mrtenz force-pushed the mrtenz/handle-derivation-errors branch from 2d5ee5d to 5caa7e7 Compare March 7, 2023 10:00
Mrtenz
Mrtenz commented Mar 7, 2023
View reviewed changes
src/SLIP10Node.ts
* Note that `ed25519` is not supported by BIP-32, so the `bip32`
* specification is not available for this curve.
*/
readonly specification: Specification;
Copy link
Member Author

@Mrtenz Mrtenz Mar 7, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As alternative to the specification field, we could change the derivation paths to accept slip10:${index}, but that requires some refactoring.

@Mrtenz Mrtenz force-pushed the mrtenz/handle-derivation-errors branch from 5caa7e7 to 1a39169 Compare March 7, 2023 13:20
FrederikBolding
FrederikBolding reviewed Mar 7, 2023
View reviewed changes
@Mrtenz Mrtenz merged commit 9d36ea0 into main Mar 7, 2023
@Mrtenz Mrtenz deleted the mrtenz/handle-derivation-errors branch March 7, 2023 14:09
@Mrtenz Mrtenz mentioned this pull request Mar 8, 2023
Merged
@Elenore23 Elenore23 mentioned this pull request Jul 21, 2024
Merged
@doperiddle doperiddle mentioned this pull request Nov 8, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@FrederikBolding FrederikBolding FrederikBolding approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Mrtenz @FrederikBolding