Replace signature_seed implementation with Narwhal's crypto

crates/sui-types/src/crypto.rs

@@ -1,11 +1,9 @@
 // Copyright (c) 2022, Mysten Labs, Inc.
 // SPDX-License-Identifier: Apache-2.0
-use crate::base_types::{AuthorityName, SuiAddress};
-use crate::committee::{Committee, EpochId};
-use crate::error::{SuiError, SuiResult};
-use crate::sui_serde::Base64;
-use crate::sui_serde::Readable;
-use crate::sui_serde::SuiBitmap;
+use std::fmt::Display;
+use std::hash::{Hash, Hasher};
+use std::str::FromStr;
+
 use anyhow::Error;
 use base64ct::Encoding;
 use digest::Digest;
@@ -22,12 +20,13 @@ use rand::rngs::OsRng;
 use roaring::RoaringBitmap;
 use schemars::JsonSchema;
 use serde::{Deserialize, Serialize};
-use serde_with::serde_as;
-use serde_with::Bytes;
+use serde_with::{serde_as, Bytes};
 use sha3::Sha3_256;
-use std::fmt::Display;
-use std::hash::{Hash, Hasher};
-use std::str::FromStr;
+
+use crate::base_types::{AuthorityName, SuiAddress};
+use crate::committee::{Committee, EpochId};
+use crate::error::{SuiError, SuiResult};
+use crate::sui_serde::{Base64, Readable, SuiBitmap};
 
 // Comment the one you want to use
 pub type KeyPair = Ed25519KeyPair; // Associated Types don't work here yet for some reason.

crates/sui-types/src/signature_seed.rs

@@ -3,25 +3,24 @@
 
 //! A secret seed value, useful for deterministic private key and SuiAddress generation.
 
-use crate::base_types::SuiAddress;
-use crate::crypto::{KeyPair, Signable, Signature};
-use crate::error::SuiError;
-use hkdf::Hkdf;
-use narwhal_crypto::traits::KeyPair as KeypairTraits;
+use narwhal_crypto::{
+    ed25519::Ed25519KeyPair, hkdf::hkdf_generate_from_ikm, traits::KeyPair as KeypairTraits,
+};
 use rand::{CryptoRng, RngCore};
 use sha3::Sha3_256;
 use zeroize::{Zeroize, ZeroizeOnDrop};
 
+use crate::base_types::SuiAddress;
+use crate::crypto::{KeyPair, Signable, Signature};
+use crate::error::{SuiError, SuiError::HkdfError};
+
 #[cfg(test)]
 #[path = "unit_tests/signature_seed_tests.rs"]
 mod signature_seed_tests;
 
 /// The length of a `secret crypto seed`, in bytes.
 pub const SEED_LENGTH: usize = 32;
 
-// Default domain value when not provided in KDF.
-const DEFAULT_DOMAIN: [u8; 16] = [0u8; 16];
-
 /// A secret seed required for various cryptographic purposes, i.e., deterministic key derivation.
 ///
 /// Instances of this seed are automatically overwritten with zeroes when they
@@ -233,22 +232,8 @@ impl SignatureSeed {
         id: &[u8],
         domain: Option<&[u8]>,
     ) -> Result<KeyPair, SuiError> {
-        // HKDF<Sha3_256> to deterministically generate an ed25519 private key.
-        let hk = Hkdf::<Sha3_256>::new(Some(id), &self.0);
-        let mut okm = [0u8; ed25519_dalek::SECRET_KEY_LENGTH];
-        hk.expand(domain.unwrap_or(&DEFAULT_DOMAIN), &mut okm)
-            .map_err(|e| SuiError::HkdfError(e.to_string()))?;
-
-        // This should never fail, as we ensured the HKDF output is SECRET_KEY_LENGTH bytes.
-        let ed25519_secret_key = ed25519_dalek::SecretKey::from_bytes(&okm)
-            .map_err(|e| SuiError::SignatureKeyGenError(e.to_string()))?;
-        let ed25519_public_key = ed25519_dalek::PublicKey::from(&ed25519_secret_key);
-
-        let dalek_keypair = ed25519_dalek::Keypair {
-            secret: ed25519_secret_key,
-            public: ed25519_public_key,
-        };
-        Ok(KeyPair::from(dalek_keypair))
+        hkdf_generate_from_ikm::<Sha3_256, Ed25519KeyPair>(self.as_bytes(), id, domain)
+            .map_err(|_| HkdfError("Deterministic keypair derivation failed".to_string()))
     }
 }
 

sdk/typescript/bcs/examples/readme.js

@@ -21,7 +21,7 @@ const { bcs } = require('./../dist');
     let str = bcs.de(bcs.STRING, '0a68656c6c6f5f6d6f7665', 'hex'); // hello_move
 
     console.log(str);
-};
+}
 
 
 {
@@ -30,7 +30,7 @@ const { bcs } = require('./../dist');
 
     let bcs_ascii = bcs.ser('string', 'hello_move').toString('hex');
     console.assert(bcs_ascii === '0a68656c6c6f5f6d6f7665');
-};
+}
 
 {
     // Move / Rust struct