Add support of HD wallets and Taproot Tweaking

Signed-off-by: Denis Varlakov <[email protected]>

.github/workflows/rust.yml

@@ -13,21 +13,15 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v3
-    - uses: webfactory/[email protected]
-      with:
-          ssh-private-key: ${{ secrets.CGGMP21 }}
     - uses: Swatinem/rust-cache@v2
       with:
         cache-on-failure: "true"
-    - name: Build all-features
+    - name: Build
       run: cargo build -p givre
   build:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v3
-    - uses: webfactory/[email protected]
-      with:
-          ssh-private-key: ${{ secrets.CGGMP21 }}
     - uses: Swatinem/rust-cache@v2
       with:
         cache-on-failure: "true"
@@ -37,9 +31,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v3
-    - uses: webfactory/[email protected]
-      with:
-          ssh-private-key: ${{ secrets.CGGMP21 }}
     - uses: Swatinem/rust-cache@v2
       with:
         cache-on-failure: "true"
@@ -52,9 +43,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v3
-    - uses: webfactory/[email protected]
-      with:
-          ssh-private-key: ${{ secrets.CGGMP21 }}
     - uses: Swatinem/rust-cache@v2
       with:
         cache-on-failure: "true"
@@ -70,22 +58,25 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v3
-    - uses: webfactory/[email protected]
-      with:
-          ssh-private-key: ${{ secrets.CGGMP21 }}
     - uses: Swatinem/rust-cache@v2
       with:
         cache-on-failure: "true"
     - name: Run clippy
       run: cargo clippy --all --lib --all-features
+  clippy-tests:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - uses: Swatinem/rust-cache@v2
+      with:
+        cache-on-failure: "true"
+    - name: Run clippy
+      run: cargo clippy --all --tests --all-features
   check-doc:
     runs-on: ubuntu-latest
     steps:
     - uses: dtolnay/rust-toolchain@nightly
     - uses: actions/checkout@v3
-    - uses: webfactory/[email protected]
-      with:
-          ssh-private-key: ${{ secrets.CGGMP21 }}
     - uses: Swatinem/rust-cache@v2
       with:
         cache-on-failure: "true"

.gitignore

@@ -2,3 +2,4 @@
 /wasm/no_std/target
 
 /.helix
+.cspell.config.yaml

Cargo.toml

@@ -9,10 +9,3 @@ exclude = [
   "wasm/no_std",
 ]
 
-[patch.crates-io.cggmp21-keygen]
-git = "https://github.com/dfnsco/cggmp21-private"
-rev = "730e1217443eccac983d0177cab222decf07f139"
-
-[patch.crates-io.key-share]
-git = "https://github.com/dfnsco/cggmp21-private"
-rev = "730e1217443eccac983d0177cab222decf07f139"

README.md

@@ -6,7 +6,7 @@ signers to commit nonces ahead of time), and identifiable abort.
 This crate provides:
 * Distributed Key Generation (DKG) \
   FROST does not define DKG protocol to be used. We simply re-export DKG based on [CGGMP21] implementation
-  when `cggmp21-keygen` feature is enabled, which is a fairly reasonalbe choice as it's proven to be UC-secure.
+  when `cggmp21-keygen` feature is enabled, which is a fairly reasonable choice as it's proven to be UC-secure.
   Alternatively, you can use any other UC-secure DKG protocol.
 * FROST Signing \
   We provide API for both manual signing execution (for better flexibility and efficiency) and interactive protocol
@@ -23,7 +23,7 @@ The crate is wasm and no_std friendly.
 
 ### Distributed Key Generation (DKG)
 First of all, you need to generate a key. For that purpose, you can use any secure
-(preferrably, UC-secure) DKG protocol. FROST IETF Draft does not define any DKG
+(preferably, UC-secure) DKG protocol. FROST IETF Draft does not define any DKG
 protocol or requirements it needs to meet, so the choice is up to you. This library
 re-exports CGGMP21 DKG from `cggmp21-keygen` crate when `cggmp21-keygen` feature
 is enabled which is proven to be UC-secure and should be a reasonable default.
@@ -39,7 +39,7 @@ let outgoing: impl Sink<Outgoing<Msg>>;
 
 where:
 * `Msg` is a protocol message (e.g., `keygen::msg::threshold::Msg`)
-* `round_based::Incoming` and `round_based::Outgoing` wrap `Msg` and provide additional data (e.g., sender/recepient)
+* `round_based::Incoming` and `round_based::Outgoing` wrap `Msg` and provide additional data (e.g., sender/recipient)
 * `futures::Stream` and `futures::Sink` are well-known async primitives.
 
 

givre/Cargo.toml

@@ -7,7 +7,7 @@ edition = "2021"
 
 [dependencies]
 cggmp21-keygen = { version = "0.3", optional = true }
-key-share = { version = "0.4", default-features = false }
+key-share = { version = "0.4.1", default-features = false }
 
 generic-ec = { version = "0.4", default-features = false, features = ["alloc"] }
 
@@ -22,6 +22,8 @@ sha2 = { version = "0.10", default-features = false, optional = true }
 
 serde = { version = "1", default-features = false, features = ["derive"], optional = true }
 
+slip-10 = { version = "0.4", default-features = false, optional = true }
+
 [dev-dependencies]
 rand_core = { version = "0.6", default-features = false, features = ["getrandom"] }
 futures = "0.3"
@@ -38,15 +40,11 @@ serde = ["dep:serde", "key-share/serde"]
 
 spof = ["key-share/spof"]
 
-# Enabling this flag only makes the library compatible with these dependencies. Otherwise,
-# for instance, if `key-share` crate has `hd-wallets` feature enabled, but `givre` doesn't,
-# it'll fail to compile.
-#
-# Library doesn't have support of HD signing yet.
-hd-wallets = ["key-share/hd-wallets", "cggmp21-keygen?/hd-wallets"]
+hd-wallets = ["slip-10", "key-share/hd-wallets", "cggmp21-keygen?/hd-wallets"]
+taproot = ["sha2"]
 
 all-ciphersuites = ["ciphersuite-secp256k1", "ciphersuite-ed25519", "ciphersuite-bitcoin"]
 ciphersuite-secp256k1 = ["generic-ec/curve-secp256k1", "k256", "sha2", "static_assertions"]
 ciphersuite-ed25519 = ["generic-ec/curve-ed25519", "sha2"]
-ciphersuite-bitcoin = ["ciphersuite-secp256k1"]
+ciphersuite-bitcoin = ["ciphersuite-secp256k1", "taproot"]