Update libprio-rs dependency to version 0.8.0. #256
Conversation
This version of libprio-rs implements draft-irtf-cfrg-vdaf-01, which is the version we are targeting for interop tests. This change is large but mostly-mechanical. A large number of line changes are due to the new `L` const generic parameter to the VDAF Aggregator trait. This parameter is effectively the underlying PRG's seed size. Unfortunately, Rust currently doesn't allow const generic parameters to be inferred; there is an open issue to resolve this, but it doesn't appear to have received much attention thus far[1]. [1] rust-lang/rust#80528
| (false, true) => AggregationJobState::Finished, | ||
| (true, true) => { | ||
| return Err(Error::Internal( | ||
| "VDAF took an inconsistent number of rounds to reach Finish state".to_string(), |
There was a problem hiding this comment.
I think we may want to keep this check in. While I'm not concerned about defensive programming against the VDAF itself, it would be good to catch if we somehow tore an aggregation job, and stepped different report aggregations a different number of times. If we don't check this here, we would likely see issues later in the process when comparing report counts and checksums between aggregators.
There was a problem hiding this comment.
This is due to a VDAF API change: this method is for the "aggregate initialization" step. Previously, the VDAF interface required calling prepare_init followed by prepare_step (with a None prepare state); the latter call would return a PrepareTransition which could have been Finish (though no real VDAFs do so). Now, we only call prepare_init, and the return value is a (PrepareState, PrepareShare) tuple -- i.e. there is no way for the VDAF interface to signal that initialization led to a finished VDAF run.
That is, this code got removed because the Rust compiler noticed saw_finish variable had become read-only (and would always be false); the check was dead code. Note that we still have the equivalent check in the "aggregate continue" code, around L1081.
(Random thought: while it IMO makes sense for VDAFs to not be able to finish without a round of communication, I wonder if DAFs could have been implemented by allowing prepare_init to immediately transition to a finished state.)
There was a problem hiding this comment.
Ah, thanks for the context, SGTM
This version of libprio-rs implements draft-irtf-cfrg-vdaf-01, which is
the version we are targeting for interop tests.
This change is large but mostly-mechanical. A large number of line
changes are due to the new
Lconst generic parameter to the VDAFAggregator trait. This parameter is effectively the underlying PRG's
seed size. Unfortunately, Rust currently doesn't allow const generic
parameters to be inferred; there is an open issue to resolve this, but
it doesn't appear to have received much attention thus far[1].
[1] rust-lang/rust#80528