From 96bda92e3ed689bdc2fda334b0712ec80d08012d Mon Sep 17 00:00:00 2001
From: Francisco Gindre <francisco.gindre@gmail.com>
Date: Tue, 23 Jul 2024 14:14:18 -0300
Subject: [PATCH 1/2] Allow SpendValidatingKey to be constructed from bytes

closes #427

This adds a FROST feature flag so that public interface of the
crate is not altered in its meaning for non-FROST applications.

Key derivation is intended to be done on a specific way for usual
applications. Interface changes introduce by FROST can pose a risk
for the rest of the use cases that don't involve the assumptions
of the FROST signature scheme protocol. we don't want non-FROST
cases to make use the helper functions FROST needs to derive the
needed key elements.

PR suggestions:
	Make "frost" feature be under the "unstable" set of features
	correct the unstable feature definition
	use visibility crate
---
 CHANGELOG.md |  6 ++++++
 Cargo.lock   | 12 ++++++++++++
 Cargo.toml   |  2 ++
 src/keys.rs  |  5 +++++
 4 files changed, 25 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3fd1be722..dfc144e09 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,12 @@ and this project adheres to Rust's notion of
 [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
+### added
+- Added [Visibility crate](https://crates.io/crates/visibility) to modify
+visibility of methods and struct for the `unstable-frost` feature.
+- Added `SpendValidatingKey` serialization and deserialization from bytes
+visibility under the `unstable-frost` feature
+  - `orchard::keys::SpendValidatingKey`
 
 ## [0.8.0] - 2024-03-25
 
diff --git a/Cargo.lock b/Cargo.lock
index b525d0ada..983510038 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1440,6 +1440,7 @@ dependencies = [
  "serde",
  "subtle",
  "tracing",
+ "visibility",
  "zcash_note_encryption",
  "zcash_spec",
  "zip32",
@@ -2251,6 +2252,17 @@ version = "0.9.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f"
 
+[[package]]
+name = "visibility"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b3fd98999db9227cf28e59d83e1f120f42bc233d4b152e8fab9bc87d5bb1e0f8"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.31",
+]
+
 [[package]]
 name = "wait-timeout"
 version = "0.2.0"
diff --git a/Cargo.toml b/Cargo.toml
index 0ea1d289d..3267f13f1 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -45,6 +45,7 @@ zcash_note_encryption = "0.4"
 incrementalmerkletree = "0.5"
 zcash_spec = "0.1"
 zip32 = "0.1"
+visibility = "0.1.0"
 
 # Logging
 tracing = "0.1"
@@ -71,6 +72,7 @@ bench = false
 
 [features]
 default = ["multicore"]
+unstable-frost = []
 multicore = ["halo2_proofs/multicore"]
 dev-graph = ["halo2_proofs/dev-graph", "image", "plotters"]
 test-dependencies = ["proptest"]
diff --git a/src/keys.rs b/src/keys.rs
index f5bae6cb2..4becf1150 100644
--- a/src/keys.rs
+++ b/src/keys.rs
@@ -186,12 +186,17 @@ impl SpendValidatingKey {
 
     /// Converts this spend validating key to its serialized form,
     /// I2LEOSP_256(ak).
+    #[cfg_attr(feature = "unstable-frost", visibility::make(pub))]
     pub(crate) fn to_bytes(&self) -> [u8; 32] {
         // This is correct because the wrapped point must have ỹ = 0, and
         // so the point repr is the same as I2LEOSP of its x-coordinate.
         <[u8; 32]>::from(&self.0)
     }
 
+    /// Attempts to convert these bytes into a spend validating key
+    /// from its serialized form, I2LEOSP_256(ak). Returns None if
+    /// it can't be created.
+    #[cfg_attr(feature = "unstable-frost", visibility::make(pub))]
     pub(crate) fn from_bytes(bytes: &[u8]) -> Option<Self> {
         <[u8; 32]>::try_from(bytes)
             .ok()

From 4ffcf2ce5924d7df5e005f6c784e574d129dd378 Mon Sep 17 00:00:00 2001
From: Conrado Gouvea <conradoplg@gmail.com>
Date: Wed, 31 Jul 2024 12:16:50 -0300
Subject: [PATCH 2/2] add SigningParts::{ak, alpha}

---
 CHANGELOG.md   |  1 +
 src/builder.rs | 12 ++++++++++++
 2 files changed, 13 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index dfc144e09..16ae932d1 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -12,6 +12,7 @@ visibility of methods and struct for the `unstable-frost` feature.
 - Added `SpendValidatingKey` serialization and deserialization from bytes
 visibility under the `unstable-frost` feature
   - `orchard::keys::SpendValidatingKey`
+- Added `SigningParts::{ak, alpha}` getters under the `unstable-frost` feature
 
 ## [0.8.0] - 2024-03-25
 
diff --git a/src/builder.rs b/src/builder.rs
index 37bdc3883..26b58fd7e 100644
--- a/src/builder.rs
+++ b/src/builder.rs
@@ -751,6 +751,18 @@ pub struct SigningParts {
     alpha: pallas::Scalar,
 }
 
+#[cfg(feature = "unstable-frost")]
+impl SigningParts {
+    /// Return the spend validating key for this action.
+    pub fn ak(&self) -> &SpendValidatingKey {
+        &self.ak
+    }
+    /// Return the randomization for this action.
+    pub fn alpha(&self) -> pallas::Scalar {
+        self.alpha
+    }
+}
+
 /// Marker for an unauthorized bundle with no signatures.
 #[derive(Clone, Debug)]
 pub struct Unauthorized {