Naming convention for secret function arguments #1191

issue real-or-random openend this issue on January 10, 2023
  1. real-or-random commented at 4:52 pm on January 10, 2023: contributor

    We should have a naming convention for function arguments that are considered secret by the function (w.r.t to the side channels). This could for example be a prefix, a suffix, or uppercase.

    This will be helpful as documentation for the API functions at least.

    I’m not sure if it’s worth the hassle for the internal functions. Clearer docs certainly won’t hurt, but our constant-time tests should catch any violation of secrecy constraints (if nicely documented or not).

  2. real-or-random added the label documentation on Jan 10, 2023
  3. real-or-random added the label side-channel on Jan 10, 2023
  4. sipa commented at 8:00 pm on February 8, 2023: contributor

    This seems like a good idea, as we do have both internal and external API functions that are only constant-time in some subset of the inputs.

    One perhaps rather small point: functions can be constant-time or non-constant-time in their output too. E.g. an ECDH function that first computes a point multiplication (constant time in both its point and scalar argument) and then applies a variable-time hashing algorithm on its output. This may or may not be fine if the output of the function is not used as a secret-to-be-protected. Should that too be encoded in the naming somehow?

  5. tusharv01 commented at 4:19 am on April 13, 2023: none
    In which of the directory, we have to make changes by adding the naming conventions?? Is it coding_notes.md or doc/developer-notes?

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin-core/secp256k1. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-12-26 10:15 UTC

This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me