Skip to content

field: Improve docs +tests of secp256k1_fe_set_b32#1205

Merged
jonasnick merged 4 commits into
bitcoin-core:masterfrom
real-or-random:202302-verify-overflow
Apr 21, 2023
Merged

field: Improve docs +tests of secp256k1_fe_set_b32#1205
jonasnick merged 4 commits into
bitcoin-core:masterfrom
real-or-random:202302-verify-overflow

Conversation

@real-or-random

Copy link
Copy Markdown
Contributor

We could also change the interface to accept an explicit overflow output variable, like for the scalar function. I think this makes handling (and ignoring!) overflow much more explicit in the code. What do you think?

@real-or-random real-or-random force-pushed the 202302-verify-overflow branch 2 times, most recently from 64c41de to 727d50a Compare February 1, 2023 13:32
@sipa

sipa commented Feb 1, 2023

Copy link
Copy Markdown
Contributor

Concept ACK, though is the inclusion of the last commit intentional?

An alternative follow-up could be to split the function in two:

  • One that doesn't return whether overflow occurred, and only promises weak normalization.
  • One that fails in case overflow occurred (and returns it), and promises strong normalization.

This would get rid of the fact that this is one of the few places in the codebase where field magnitude/normalization properties depend on runtime values (they're almost always compile-time known otherwise).

@real-or-random

Copy link
Copy Markdown
Contributor Author

Concept ACK, though is the inclusion of the last commit intentional?

Yes, but I'm happy to remove it, of course. The story behind this is that I had forgotten to remove a debug printer first when I opened this PR. I mentioned this to @jonasnick who told me that he also had to write these functions multiple times in the past, so we thought it's a good idea to have one in the code base. Then I made it a bit nicer and added a commit. And I felt it's not worth a separate PR (but maybe I was just being lazy there).

@real-or-random

Copy link
Copy Markdown
Contributor Author

An alternative follow-up could be to split the function in two: [...]

That's a great idea.

We could still have overflow as an explicit argument of the (second) function. What do you think?

@sipa

sipa commented Feb 2, 2023

Copy link
Copy Markdown
Contributor

We could still have overflow as an explicit argument of the (second) function. What do you think?

It could, but I think that'd be confusing. The second function cannot handle overflow; if it was provided input that's out of range, it should return failure, and not make any promises about the parsed secp256k1_fe. The caller is supposed to return or handle failure in this case.

@real-or-random

Copy link
Copy Markdown
Contributor Author

Ok yes, understood now.

@sipa

sipa commented Feb 2, 2023

Copy link
Copy Markdown
Contributor

utACK 727d50a

@jonasnick jonasnick left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK mod nits

Comment thread src/tests.c Outdated
Comment thread src/tests.c
@real-or-random real-or-random force-pushed the 202302-verify-overflow branch from 727d50a to 162da73 Compare April 21, 2023 15:20
@real-or-random

Copy link
Copy Markdown
Contributor Author

force-pushed to address @jonasnick's nits

@jonasnick jonasnick left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK 162da73

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants