fix!: pass the actual size of the buffer from the {Go,Rust} bindings

[kwvg]

Additional Information

• The enablement of macOS bindings revealed a potential cause for concern (build). The binds so far take in a buffer and assume it has a sane size.

  bls-signatures/go-bindings/elements.cpp

  Lines 26 to 31 in dd68365

  	CG1Element CG1ElementFromBytes(const void* data, bool* didErr) {
  	bls::G1Element* el = nullptr;
  	try {
  	el = new bls::G1Element(
  	bls::G1Element::FromBytes(bls::Bytes((uint8_t*)(data), bls::G1Element::SIZE))
  	);

  Which makes the in-library check useless as the condition will always be met.

  bls-signatures/src/elements.cpp

  Lines 34 to 36 in dd68365

  	if (bytes.size() != SIZE) {
  	throw std::invalid_argument("G1Element::FromBytes: Invalid size");
  	}

  To resolve this, when specifying a buffer, you must also specify the size, preferably reported by the object controlling the buffer (like buf.size()) instead of hardcoding it (like PrivateKey::PRIVATE_KEY_SIZE).

• In bls-signatures#117, CodeRabbit identified a typo in the Python bindings (source) utilising the wrong SIZE variable. This has been resolved.

Breaking changes

The introduction of a size parameter may require updating function calls to affected bindings.

Summary by CodeRabbit

Release Notes

• Refactor
  • Updated deserialization functions across language bindings (Go, Rust, Python, C) to require explicit buffer length parameters, replacing implicit fixed-size assumptions. This change improves safety and provides more flexible data handling for key and element reconstruction from byte arrays.

[coderabbitai]

Walkthrough

This change adds an explicit size_t len parameter to many FromBytes/deserialization bindings and FFI declarations across Go, Python, and Rust, replacing fixed-size constants with runtime-provided byte lengths for elements, private keys, and BIP32 extended keys.

Changes

Cohort / File(s)	Summary
Go element bindings go-bindings/elements.h, go-bindings/elements.cpp, go-bindings/elements.go	CG1ElementFromBytes / CG2ElementFromBytes signatures now include size_t len; implementations use len for FromBytes; Go now passes C.size_t(len(data)).
Go private key bindings go-bindings/privatekey.h, go-bindings/privatekey.cpp, go-bindings/privatekey.go	CPrivateKeyFromBytes now accepts size_t len and uses it when constructing the key; Go call sites pass C.size_t(len(data)).
Python bindings python-bindings/pythonbindings.cpp	Replaced fixed-size constants with container-derived sizes (data.size(), buffer.size()); byte-array conversions and buffer copies use actual sizes; updated one element-size error message reference.
Rust low-level FFI declarations rust-bindings/bls-dash-sys/bindings.rs	Added len: usize parameter to extern "C" declarations for: G1ElementFromBytes, G2ElementFromBytes, PrivateKeyFromBytes, BIP32ExtendedPublicKeyFromBytes, BIP32ExtendedPrivateKeyFromBytes.
Rust C element implementations rust-bindings/bls-dash-sys/c-bindings/elements.h, rust-bindings/bls-dash-sys/c-bindings/elements.cpp	G1ElementFromBytes / G2ElementFromBytes signatures now take size_t len; implementations construct Bytes using len and pass it to FromBytes.
Rust C private key impls rust-bindings/bls-dash-sys/c-bindings/privatekey.h, rust-bindings/bls-dash-sys/c-bindings/privatekey.cpp	PrivateKeyFromBytes now takes size_t len and uses it instead of PRIVATE_KEY_SIZE; error handling and didErr propagation preserved.
Rust C BIP32 public/private impls rust-bindings/bls-dash-sys/c-bindings/bip32/extendedpublickey.h, .../extendedpublickey.cpp, .../extendedprivatekey.h, .../extendedprivatekey.cpp	BIP32ExtendedPublicKeyFromBytes and BIP32ExtendedPrivateKeyFromBytes now accept size_t len and construct Bytes from len; FromSeed adjusted to use provided len.
Rust high-level bindings rust-bindings/bls-signatures/src/elements.rs, rust-bindings/bls-signatures/src/private_key.rs, rust-bindings/bls-signatures/src/bip32/*.rs	FFI call sites updated to pass bytes.len() (or equivalent) to the new len parameter; parameter ordering adjusted where required; error handling unchanged.

Sequence Diagram(s)

sequenceDiagram
  actor Caller as Go/Python/Rust
  participant C_WRAPPER as C bindings
  participant BLS_LIB as bls::FromBytes

  Note over Caller,C_WRAPPER: New argument added: len (size_t)

  Caller->>C_WRAPPER: FromBytes(data_ptr, len, ... , &didErr)
  alt success
    C_WRAPPER->>BLS_LIB: Bytes(data_ptr, len) -> FromBytes(...)
    BLS_LIB-->>C_WRAPPER: element_ptr
    C_WRAPPER-->>Caller: element_ptr (didErr=false)
  else failure
    BLS_LIB--x C_WRAPPER: throws/error
    C_WRAPPER-->>Caller: nullptr (didErr=true) and gErrMsg set
  end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

• Focus review on FFI signature and call-site consistency across languages and headers.
• Check correct casting/width when converting lengths (C.size_t, usize) and parameter ordering.
• Verify no remaining hard-coded SIZE usages and consistent error propagation (gErrMsg / didErr).

Poem

🐇 I carried a number called len in my paw,

From bytes to bindings I hopped without flaw,
Replaced rigid sizes with runtime delight,
Now FromBytes reads lengths and gets parsing right. ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 40.91% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically identifies the main change: adding actual buffer size parameters to Go and Rust bindings to enable proper size validation.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f7e3f00 and a47caad.

📒 Files selected for processing (20)

• go-bindings/elements.cpp (2 hunks)
• go-bindings/elements.go (2 hunks)
• go-bindings/elements.h (2 hunks)
• go-bindings/privatekey.cpp (1 hunks)
• go-bindings/privatekey.go (1 hunks)
• go-bindings/privatekey.h (1 hunks)
• python-bindings/pythonbindings.cpp (10 hunks)
• rust-bindings/bls-dash-sys/bindings.rs (5 hunks)
• rust-bindings/bls-dash-sys/c-bindings/bip32/extendedprivatekey.cpp (2 hunks)
• rust-bindings/bls-dash-sys/c-bindings/bip32/extendedprivatekey.h (1 hunks)
• rust-bindings/bls-dash-sys/c-bindings/bip32/extendedpublickey.cpp (1 hunks)
• rust-bindings/bls-dash-sys/c-bindings/bip32/extendedpublickey.h (1 hunks)
• rust-bindings/bls-dash-sys/c-bindings/elements.cpp (2 hunks)
• rust-bindings/bls-dash-sys/c-bindings/elements.h (2 hunks)
• rust-bindings/bls-dash-sys/c-bindings/privatekey.cpp (1 hunks)
• rust-bindings/bls-dash-sys/c-bindings/privatekey.h (1 hunks)
• rust-bindings/bls-signatures/src/bip32/private_key.rs (1 hunks)
• rust-bindings/bls-signatures/src/bip32/public_key.rs (1 hunks)
• rust-bindings/bls-signatures/src/elements.rs (2 hunks)
• rust-bindings/bls-signatures/src/private_key.rs (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (7)

• rust-bindings/bls-signatures/src/private_key.rs
• go-bindings/elements.h
• rust-bindings/bls-signatures/src/bip32/public_key.rs
• rust-bindings/bls-dash-sys/c-bindings/elements.cpp
• go-bindings/elements.go
• rust-bindings/bls-signatures/src/elements.rs
• rust-bindings/bls-dash-sys/c-bindings/bip32/extendedpublickey.cpp

🧰 Additional context used

🧬 Code graph analysis (10)

go-bindings/privatekey.cpp (2)

src/privatekey.cpp (3)

• data (282-282)
• FromBytes (52-72)
• FromBytes (52-52)

include/dashbls/util.hpp (7)

• data (66-72)
• data (66-66)
• data (74-80)
• data (74-74)
• Bytes (34-37)
• Bytes (38-41)
• Bytes (43-46)

rust-bindings/bls-dash-sys/c-bindings/privatekey.cpp (1)

src/privatekey.cpp (3)

• data (282-282)
• FromBytes (52-72)
• FromBytes (52-52)

rust-bindings/bls-dash-sys/c-bindings/bip32/extendedprivatekey.cpp (3)

src/privatekey.cpp (3)

• data (282-282)
• FromBytes (52-72)
• FromBytes (52-52)

src/extendedprivatekey.cpp (1)

• data (193-193)

js-bindings/wrappers/PrivateKeyWrapper.cpp (2)

• FromBytes (38-43)
• FromBytes (38-38)

go-bindings/elements.cpp (2)

src/elements.cpp (7)

• data (562-562)
• FromBytes (24-30)
• FromBytes (24-24)
• FromBytes (245-251)
• FromBytes (245-245)
• FromBytes (481-487)
• FromBytes (481-481)

include/dashbls/util.hpp (7)

• data (66-72)
• data (66-66)
• data (74-80)
• data (74-74)
• Bytes (34-37)
• Bytes (38-41)
• Bytes (43-46)

python-bindings/pythonbindings.cpp (2)

src/elements.cpp (7)

• data (562-562)
• FromBytes (24-30)
• FromBytes (24-24)
• FromBytes (245-251)
• FromBytes (245-245)
• FromBytes (481-487)
• FromBytes (481-481)

src/privatekey.cpp (3)

• data (282-282)
• FromBytes (52-72)
• FromBytes (52-52)

go-bindings/privatekey.go (1)

go-bindings/privatekey.cpp (2)

• CPrivateKeyFromBytes (23-40)
• CPrivateKeyFromBytes (23-23)

go-bindings/privatekey.h (1)

go-bindings/privatekey.cpp (2)

• CPrivateKeyFromBytes (23-40)
• CPrivateKeyFromBytes (23-23)

rust-bindings/bls-dash-sys/c-bindings/elements.h (3)

go-bindings/elements.go (2)

• G1ElementFromBytes (38-50)
• G2ElementFromBytes (129-141)

rust-bindings/bls-dash-sys/bindings.rs (2)

• G1ElementFromBytes (16-21)
• G2ElementFromBytes (45-50)

rust-bindings/bls-dash-sys/c-bindings/elements.cpp (4)

• G1ElementFromBytes (26-39)
• G1ElementFromBytes (26-26)
• G2ElementFromBytes (100-113)
• G2ElementFromBytes (100-100)

rust-bindings/bls-signatures/src/bip32/private_key.rs (2)

rust-bindings/bls-dash-sys/bindings.rs (1)

• BIP32ExtendedPrivateKeyFromBytes (390-394)

rust-bindings/bls-dash-sys/c-bindings/bip32/extendedprivatekey.cpp (2)

• BIP32ExtendedPrivateKeyFromBytes (9-22)
• BIP32ExtendedPrivateKeyFromBytes (9-9)

rust-bindings/bls-dash-sys/c-bindings/privatekey.h (3)

go-bindings/privatekey.go (1)

• PrivateKeyFromBytes (36-48)

rust-bindings/bls-dash-sys/bindings.rs (1)

• PrivateKeyFromBytes (70-75)

rust-bindings/bls-dash-sys/c-bindings/privatekey.cpp (2)

• PrivateKeyFromBytes (23-40)
• PrivateKeyFromBytes (23-23)

🔇 Additional comments (20)

rust-bindings/bls-dash-sys/c-bindings/bip32/extendedprivatekey.h (1)

19-22: LGTM! Signature updated to accept explicit buffer length.

The addition of the size_t len parameter between data and didErr is consistent with the existing BIP32ExtendedPrivateKeyFromSeed signature on line 23 and aligns with the PR objective to enable runtime buffer size validation.

go-bindings/elements.cpp (2)

26-39: LGTM! Properly implements runtime buffer size validation for G1Element.

The updated signature now accepts the actual buffer length and correctly passes it to the bls::Bytes constructor on line 30, enabling the library to validate buffer size rather than assuming it matches the expected constant.

---

96-109: LGTM! Properly implements runtime buffer size validation for G2Element.

The updated signature now accepts the actual buffer length and correctly passes it to the bls::Bytes constructor on line 100, enabling the library to validate buffer size rather than assuming it matches the expected constant.

rust-bindings/bls-dash-sys/c-bindings/bip32/extendedpublickey.h (1)

17-21: LGTM! Signature updated to accept explicit buffer length.

The addition of the size_t len parameter is consistent with the parameter ordering pattern across other FromBytes functions (data pointer followed by length).

rust-bindings/bls-dash-sys/c-bindings/elements.h (2)

30-30: LGTM! G1ElementFromBytes signature updated for explicit buffer length.

The parameter ordering (data, len, legacy, didErr) is consistent across the binding surface.

---

44-44: LGTM! G2ElementFromBytes signature updated for explicit buffer length.

The parameter ordering (data, len, legacy, didErr) is consistent across the binding surface.

rust-bindings/bls-signatures/src/bip32/private_key.rs (1)

38-53: LGTM! Proper defense-in-depth with size validation.

The implementation validates the buffer size at line 39 before passing the actual length (bytes.len()) to the FFI call at line 50. This provides defense-in-depth: the Rust layer rejects obviously incorrect sizes, while the C layer can validate the actual buffer length.

go-bindings/privatekey.h (1)

26-26: LGTM! CPrivateKeyFromBytes signature updated for explicit buffer length.

The parameter ordering (data, len, modOrder, didErr) is consistent with the pattern across other FromBytes functions.

go-bindings/privatekey.go (1)

36-48: LGTM! Go binding correctly passes actual buffer length.

The call to CPrivateKeyFromBytes at line 41 now passes C.size_t(len(data)), which provides the actual runtime buffer size rather than a hardcoded constant. This enables proper size validation in the C layer.

python-bindings/pythonbindings.cpp (5)

48-52: LGTM! Using container size improves maintainability.

Replacing the hardcoded PrivateKey::PRIVATE_KEY_SIZE with data.size() makes the code more defensive and reduces the risk of copy-paste errors.

---

358-404: LGTM! Using container sizes consistently for G1Element.

The changes at lines 363, 383, and 401 replace hardcoded size constants with buffer.size() and data.size(), making the code more maintainable and consistent.

---

510-546: LGTM! Using container sizes consistently for G2Element.

The changes at lines 512, 521, and 543 replace hardcoded size constants with buffer.size() and data.size(), making the code more maintainable and consistent.

---

638-660: Excellent catch! Fixed copy-paste bugs in GTElement.

Lines 640 and 649 correctly fix bugs where G2Element::SIZE was mistakenly used in GTElement code:

• Line 640: Error message now correctly references "GTElement::SIZE"
• Line 649: Buffer declaration now correctly uses GTElement::SIZE instead of G2Element::SIZE

This was likely a copy-paste error from the G2Element code above, and could have caused subtle bugs.

---

662-696: LGTM! Using container sizes consistently for GTElement.

The changes at lines 644, 653, 675, and 693 replace hardcoded size constants with buffer.size() and data.size(), making the code more maintainable and consistent with the fixes above.

go-bindings/privatekey.cpp (1)

23-40: LGTM! Proper size validation now enabled.

The addition of the len parameter and passing it to bls::Bytes correctly enables the underlying library's size check (in PrivateKey::FromBytes at src/privatekey.cpp:51-71) to validate against the actual buffer size rather than a hardcoded constant.

rust-bindings/bls-dash-sys/c-bindings/privatekey.cpp (1)

23-40: LGTM! Consistent implementation across bindings.

The change correctly mirrors the Go binding pattern, enabling proper size validation by passing the actual buffer length to bls::Bytes instead of the hardcoded PRIVATE_KEY_SIZE constant.

rust-bindings/bls-dash-sys/c-bindings/privatekey.h (1)

26-26: LGTM! Header signature matches implementation.

The updated function signature correctly reflects the implementation change in the corresponding .cpp file.

rust-bindings/bls-dash-sys/c-bindings/bip32/extendedprivatekey.cpp (2)

9-22: LGTM! Proper size validation enabled for BIP32 extended keys.

The addition of the len parameter and its use in the bls::Bytes constructor enables proper size validation in the underlying ExtendedPrivateKey::FromBytes method.

---

24-37: LGTM! Consistent use of len parameter.

The function now correctly uses the provided len parameter when constructing bls::Bytes, ensuring the underlying library performs validation against the actual buffer size.

rust-bindings/bls-dash-sys/bindings.rs (1)

16-21: LGTM! FFI declarations correctly updated.

All five FromBytes function declarations have been consistently updated to include the len: usize parameter, maintaining proper parameter ordering (data, len, additional flags, didErr). Per past review comments, the corresponding Rust wrapper calls have been verified and updated.

Also applies to: 45-50, 70-75, 359-364, 390-394

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[kwvg]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between dd68365 and 8b0e611.

📒 Files selected for processing (18)

• go-bindings/elements.cpp (2 hunks)
• go-bindings/elements.go (2 hunks)
• go-bindings/elements.h (2 hunks)
• go-bindings/privatekey.cpp (1 hunks)
• go-bindings/privatekey.go (1 hunks)
• go-bindings/privatekey.h (1 hunks)
• python-bindings/pythonbindings.cpp (10 hunks)
• rust-bindings/bls-dash-sys/bindings.rs (5 hunks)
• rust-bindings/bls-dash-sys/c-bindings/bip32/extendedprivatekey.cpp (2 hunks)
• rust-bindings/bls-dash-sys/c-bindings/bip32/extendedprivatekey.h (1 hunks)
• rust-bindings/bls-dash-sys/c-bindings/bip32/extendedpublickey.cpp (1 hunks)
• rust-bindings/bls-dash-sys/c-bindings/bip32/extendedpublickey.h (1 hunks)
• rust-bindings/bls-dash-sys/c-bindings/elements.cpp (2 hunks)
• rust-bindings/bls-dash-sys/c-bindings/elements.h (2 hunks)
• rust-bindings/bls-dash-sys/c-bindings/privatekey.cpp (1 hunks)
• rust-bindings/bls-dash-sys/c-bindings/privatekey.h (1 hunks)
• rust-bindings/bls-signatures/src/elements.rs (2 hunks)
• rust-bindings/bls-signatures/src/private_key.rs (1 hunks)

🔇 Additional comments (34)

go-bindings/privatekey.h (1)

26-26: LGTM! Length parameter added to enable runtime size validation.

The signature now accepts the buffer length explicitly, allowing the implementation to validate against the actual buffer size instead of assuming a hardcoded constant. This addresses the issue mentioned in the PR where the binding previously always passed a buffer sized to the hardcoded constant, making in-library size checks ineffective.

rust-bindings/bls-dash-sys/c-bindings/bip32/extendedprivatekey.h (1)

19-22: LGTM! BIP32 extended key deserialization now length-aware.

Consistent with the broader API evolution across this PR, the extended private key constructor now accepts an explicit length parameter.

rust-bindings/bls-dash-sys/c-bindings/privatekey.h (1)

26-26: LGTM! Signature updated consistently with Go bindings.

The Rust C bindings now mirror the Go bindings with the explicit length parameter, ensuring consistent API across language bindings.

rust-bindings/bls-dash-sys/c-bindings/elements.h (2)

30-30: LGTM! G1 element deserialization now length-aware.

---

44-44: LGTM! G2 element deserialization now length-aware.

Both G1 and G2 element constructors are updated consistently, enabling dynamic size validation for elliptic curve elements.

go-bindings/elements.h (2)

30-30: LGTM! Go G1 element constructor now accepts explicit length.

---

43-43: LGTM! Go G2 element constructor now accepts explicit length.

Both Go element constructors updated consistently with the length-aware pattern.

python-bindings/pythonbindings.cpp (12)

49-49: LGTM! Using dynamic size for buffer copy.

The change from a hardcoded constant to data.size() improves consistency and reduces the risk of size mismatches. Since the array is already correctly sized at line 48, this is safe.

---

363-363: LGTM! Using actual buffer size for PyLong_AsByteArray.

Replacing the hardcoded G1Element::SIZE with buffer.size() ensures consistency and safety.

---

383-383: LGTM! Dynamic sizing for G1Element buffer copy.

---

401-401: LGTM! Dynamic sizing for G1Element from_bytes.

---

512-512: LGTM! Dynamic sizing for G2Element buffer copy.

---

521-521: LGTM! Using actual buffer size for G2Element PyLong_AsByteArray.

---

543-543: LGTM! Dynamic sizing for G2Element from_bytes.

---

640-640: Bug fix: Corrected error message for GTElement.

Good catch! The error message previously incorrectly referenced G2Element::SIZE instead of GTElement::SIZE.

---

644-644: LGTM! Dynamic sizing for GTElement buffer copy.

---

649-653: LGTM! Consistent GTElement buffer initialization and sizing.

Lines 649 and 653 now explicitly use GTElement::SIZE and buffer.size() respectively, improving consistency across GTElement constructors.

---

675-675: LGTM! Dynamic sizing for GTElement from_bytes.

---

693-693: LGTM! Dynamic sizing for GTElement from_bytes_unchecked.

All Python binding changes consistently replace hardcoded sizes with dynamic container sizes, improving safety and maintainability.

rust-bindings/bls-signatures/src/elements.rs (2)

78-78: LGTM! FFI call updated to pass actual byte slice length.

The call now passes bytes.len() as the second argument, aligning with the updated C API. The length validation at lines 67-75 ensures only correctly-sized buffers reach the FFI boundary.

---

237-237: LGTM! G2Element FFI call updated consistently.

Both G1 and G2 element deserialization now pass the actual buffer length to the C layer, with pre-validation ensuring correctness.

rust-bindings/bls-dash-sys/c-bindings/bip32/extendedpublickey.h (1)

17-21: LGTM! BIP32 extended public key now length-aware.

Consistent with the corresponding extended private key update, ensuring both BIP32 key types benefit from explicit length validation.

rust-bindings/bls-dash-sys/c-bindings/bip32/extendedpublickey.cpp (1)

11-19: Explicit length propagation keeps FromBytes safe. Passing len through to bls::Bytes ensures the library’s internal bounds check operates on the actual buffer size. Looks good.

go-bindings/elements.go (2)

43-44: Go G1 bindings now forward the true slice length. Using C.size_t(len(data)) keeps the C layer in sync with the Go slice size, so the validation isn’t bypassed.

---

134-135: Same solid fix for G2. The length-aware call path mirrors the G1 change and maintains symmetry across element bindings.

rust-bindings/bls-signatures/src/private_key.rs (1)

140-141: Rust FFI call stays consistent with the new C signature. Forwarding bytes.len() lines up the safe Rust guard with the runtime length check underneath.

go-bindings/privatekey.cpp (1)

23-39: Private key FromBytes now honours caller-provided buffer size. The new len parameter keeps the underlying bounds validation meaningful.

rust-bindings/bls-dash-sys/c-bindings/privatekey.cpp (1)

23-39: Dash-sys bridge mirrors the length-aware constructor. Propagating len here keeps the Rust bindings and lower layer aligned.

go-bindings/privatekey.go (1)

41-42: Go wrapper lines up with the updated C signature. Feeding len(data) through CGO ensures the buffer length check holds end to end.

rust-bindings/bls-dash-sys/c-bindings/elements.cpp (2)

26-31: G1 element path now respects the caller-provided length. Matching the new signature keeps the validation active across languages.

---

100-105: G2 element path follows suit. Propagating len here maintains consistent safety coverage for signatures as well.

go-bindings/elements.cpp (2)

26-31: C shim for G1 forwards the correct length. This pairs cleanly with the Go-side changes and restores the size guard.

---

96-101: G2 shim mirrors the fix. Length propagation here keeps the signature deserialization path robust.

rust-bindings/bls-dash-sys/c-bindings/bip32/extendedprivatekey.cpp (1)

24-29: LGTM! Consistent with FromBytes changes.

The FromSeed function already had a len parameter, and this change ensures it's properly used in the bls::Bytes constructor, maintaining consistency with the FromBytes function.

[UdjinM6]

utACK f7e3f00

The base branch was changed.

[PastaPastaPasta]

re-utACK

[knst]

LGTM a47caad

[UdjinM6]

utACK a47caad