Darc ECDSA

[pm-duokey]

What this PR does

See commit message
This PR

---

🙅‍ Friendly checklist:

• 0. Code comments are added (or updated) when/where needed and explain the WHY of the code.
• 1. Design choices, user documentation and any additional doc are added (or updated) in READMEs.
• 2. Any new behaviour is tested and small units of code that can be are unit tested.
• 3. Code comments are added on tests to explain what they do.
• 4. Errors are systematically wrapped with a meaningful message using xerrors.Errorf and the %v verb.
• 5. Hard limit of 80 chars is always respected.
• 6. Changes are backward compatible.
• 7. Indentation level does not exceed 5, although 4 is already suspicious.
• 8. Functions, files, and packages are kept to a manageable size and decomposed into smaller units if needed.
• 9. There are no magic values.

[ineiti]

Thanks for this PR. I think the most difficult bit is the naming :) You called it ECDSA, but I think it would be more appropriate to call it something like MPCECDSA, or TSMECDSA or such.

[ineiti]

What kind of error check can you do here? The GetPublicBytes doesn't return an error, so all you could do is panic.

[ineiti]

Please resolve all TODOs.

From what I understand, the Verify method will not call to the TSM, no?

[ineiti]

Suggested change

	//necessary function, needs to be refactored only supports elliptic.P256 curve
	//needs to be tested Unmarshal might not work
	// Tries to convert a string into a sec256k1 point.
	// TODO: needs to be tested Unmarshal might not work

[ineiti]

Here and everywhere else: we should call the ECDSA identity MPCECDSA to indicate we're doing something special..

[ineiti]

Suggested change

	id := make([]byte, hex.DecodedLen(len(in)))
	_, err := hex.Decode(id, []byte(in))
	buf, err := hex.DecodeString(in)
	if err != nil {
	return xerrors.Errorf("couldn't parse hex-string: %v", err)
	}

[ineiti]

Suggested change

	if err != nil {
	return Identity{}, err
	}

Treat the error as close as possible to the source. Else it is very confusing.

[ineiti]

Suggested change

	// new signer creates a signer only with a public key used to verify signatures
	// NewSignerECDSA only takes a public key as the MPC is needed to sign data.

[ineiti]

One way to implement sign would be to give the necessary configuration when calling NewSignerECDSA, and then having Sign call the MPC backend. But that would introduce a dependency on the MPC code that we probably don't want to have in here.

Suggested change

	//TODO
	// Sign cannot be implemented, as only the MPC can sign a message.

[ineiti]

Suggested change

	signed, _ := hex.DecodeString("304402204f0b20a44efacec7b0514683233a79552026fe80e468078f6fed6cfe3f3e8a0402201eb12db7f6fe0828cafe8b0a032a37ff377b342799cfe77cfbac40c8ec1fa9e8")
	signed, err := hex.DecodeString("304402204f0b20a44efacec7b0514683233a79552026fe80e468078f6fed6cfe3f3e8a0402201eb12db7f6fe0828cafe8b0a032a37ff377b342799cfe77cfbac40c8ec1fa9e8")
	require.NoError(t, err)

ALWAYS do error checking! You will save yourself a lot of pain!

[ineiti]

Error checking needed.

[ineiti]

You can also use the Commit Suggestions in the comments to directly add the suggestions I made.

[sonarqubecloud]

SonarCloud Quality Gate failed.   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
4 Code Smells

No Coverage information
8.4% Duplication

[sonarqubecloud]

SonarCloud Quality Gate failed.   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
4 Code Smells

No Coverage information
3.9% Duplication

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
1 out of 2 committers have signed the CLA.

✅ ineiti
❌ pm-duokey
_{You have signed the CLA already but the status is still pending? Let us recheck it.}