-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make more modules panic free #713
base: main
Are you sure you want to change the base?
Conversation
I uploaded panic-free polynomial module (some functions have proofs) |
This should be against main now. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Generally appears to be ok. But needs more context.
Please add some description on what this is doing.
Yes, I made this into a PR to get CI working on it, but it will go through one more round of work on Monday before I ask for a "real" review. |
I made it into a draft for you |
The changes are ready for review, and the branch passes verification process. |
panic freedom improvements
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm with the two nits addressed/commented on.
I checked the C extraction, that's the new functions that were added in polynomial. The eurydice version is newer now, but the code doesn't change with that. So no new extraction needed.
These changes are unfortunate because of the functional style of the code and this causes a bunch of memcpy
s in the C code. But that's an improvement for another PR.
libcrux-ml-kem/src/polynomial.rs
Outdated
#[hax_lib::fstar::before(r#"[@@ "opaque_to_smt"]"#)] | ||
#[hax_lib::requires(fstar!(r#"add_vector_pre $lhs $rhs"#))] | ||
#[hax_lib::ensures(|result| fstar!(r#"add_vector_post $result $lhs $rhs"#))] | ||
fn add_vector<Vector: Operations>(lhs: Vector, rhs: &Vector) -> Vector { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Having to pull out these again is pretty ugly. Please add some comments to both of these functions with some text why it's necessary for the proof right now. And ideally we have an issue on hax for tracking this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I managed to move the conditions to Traits module without any additional functions, whilst improve the capacity of Operations
class too. I am adjusting the proofs to adapt the new conditions and will update the PR once done.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The patch is in place, it uses add_opaue
and sub_opauqe
to utilize directly from the Operations
trait with no performance drawback.
This PR adds runtime safety proofs for
portable/sampling.rs
and forpolynomial.rs
.Since polynomial now has new preconditions, the verification of NTT and Matrix needs to be updated next.
It also bumps up the Z3 rlimits for IND-CPA to restore verification for that module.