v4.0.0

Author: notatestuser

.github/workflows/gofmt.yml

@@ -0,0 +1,19 @@
+name: Go-fmt
+on: push
+jobs:
+  gofmt:
+    name: Run Gofmt
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Harden the runner (Audit all outbound calls)
+        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        with:
+          egress-policy: audit
+
+      - uses: actions/checkout@v5
+      - uses: actions/setup-go@v5
+        with:
+          go-version: 'stable'
+
+      - uses: Jerome1337/gofmt-action@d5eabd189843f1d568286a54578159978b7c0fb1 # v1.0.5

.github/workflows/govulncheck.yml

@@ -0,0 +1,25 @@
+name: Go Vulnerability Check
+on:
+  schedule:
+    - cron: '0 0 * * 0'  # Runs every Sunday at 12:00 AM (UTC)
+  push:
+    branches:
+    - master
+    - release/*
+  pull_request:
+    branches:
+    - master
+
+jobs:
+  govulncheck:
+    name: Run govulncheck
+    runs-on: ubuntu-latest
+    steps:
+      - name: Harden the runner (Audit all outbound calls)
+        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        with:
+          egress-policy: audit
+
+      - uses: actions/checkout@v5
+      - uses: golang/govulncheck-action@b625fbe08f3bccbe446d94fbf87fcc875a4f50ee # v1.0.4
+

.github/workflows/test.yml

@@ -0,0 +1,31 @@
+name: Go Test
+on:
+  push:
+    branches:
+    - master
+    - release/*
+  pull_request:
+    branches:
+    - master
+
+permissions:
+  contents: read
+
+jobs:
+  test:
+    name: Run Tests
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Harden the runner (Audit all outbound calls)
+        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        with:
+          egress-policy: audit
+
+      - uses: actions/checkout@v5
+      - uses: actions/setup-go@v5
+        with:
+          go-version: 'stable'
+
+      - name: Run Tests
+        run: make test_ci

.gitignore

@@ -0,0 +1,27 @@
+build
+vendor
+benchdata
+.DS_Store
+
+# Binaries for programs and plugins
+*.exe
+*.exe~
+*.dll
+*.so
+*.dylib
+
+# Test binary, build with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# IDE
+.idea/*
+!.idea/copyright/
+!.idea/codeStyles/
+*.swp
+.vscode/*.json
+
+# Test fixtures
+test/*fixtures/*.json

.gitlab-ci.yml

@@ -0,0 +1,29 @@
+image: golang:latest
+
+variables:
+  # Please edit to your GitLab project
+  REPO_NAME: gitlab.com/thorchaintss/tss-lib
+
+# The problem is that to be able to use go get, one needs to put
+# the repository in the $GOPATH. So for example if your gitlab domain
+# is gitlab.com, and that your repository is namespace/project, and
+# the default GOPATH being /go, then you'd need to have your
+# repository in /go/src/gitlab.com/namespace/project
+# Thus, making a symbolic link corrects this.
+before_script:
+  - mkdir -p $GOPATH/src/$(dirname $REPO_NAME)
+  - ln -svf $CI_PROJECT_DIR $GOPATH/src/$REPO_NAME
+  - cd $GOPATH/src/$REPO_NAME
+
+stages:
+  - test
+
+
+unit_tests:
+  stage: test
+  coverage: '/total:\s+\(statements\)\s+(\d+.\d+\%)/'
+  script:
+    - go test -timeout 60m  -race  -v -coverprofile=coverage.out ./...
+    - go tool cover -func=coverage.out
+
+

.idea/codeStyles/Project.xml

@@ -0,0 +1,23 @@
+MIT License
+
+Copyright (c) 2021 Io FinNet Group, Inc.
+Copyright (c) 2021 Swingby
+Copyright (c) 2019 Binance
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

.idea/codeStyles/codeStyleConfig.xml

@@ -0,0 +1,82 @@
+MODULE = github.com/iofinnet/tss-lib/v3
+PACKAGES = $(shell go list ./... | grep -v '/vendor/')
+UT_TIMEOUT = -timeout 60m
+UT_COVER = -covermode=atomic -cover
+UT_PACKAGES_LEVEL_0 = $(shell go list ./... | grep -v '/vendor/' | grep 'keygen' )
+UT_PACKAGES_LEVEL_1 = $(shell go list ./... | grep -v '/vendor/' | grep -v 'keygen'  )
+
+all: protob test
+
+########################################
+### Protocol Buffers
+
+protob:
+	@echo "--> Building Protocol Buffers using buf"
+	@go tool buf generate
+
+########################################
+### Format
+
+fmt:
+	@go fmt ./...
+
+lint:
+	@golangci-lint run
+
+build: protob
+	go fmt ./...
+
+########################################
+### Testing
+
+test_unit_level0:
+	@echo "--> Running Unit Tests - Level 0"
+	@echo "!!! WARNING: This will take a long time :|"
+	@echo "!!! WARNING: This will delete fixtures"
+	go clean -testcache
+	rm -f ./test/_ecdsa_fixtures/*json
+	rm -f ./test/_schnorr_fixtures/*json
+	go test -failfast ${UT_TIMEOUT} ${UT_COVER} $(UT_PACKAGES_LEVEL_0)
+
+
+test_unit: test_unit_level0
+	@echo "--> Running Unit Tests - Level 1"
+	@echo "!!! WARNING: This will take a long time :|"
+	go test -failfast ${UT_TIMEOUT} ${UT_COVER} $(UT_PACKAGES_LEVEL_1)
+
+test_unit_race_level0:
+	@echo "--> Running Unit Tests (with Race Detection) - Level 0"
+	@echo "!!! WARNING: This will take a long time :|"
+	@echo "!!! WARNING: This will delete fixtures"
+	go clean -testcache
+	rm -f ./test/_ecdsa_fixtures/*json
+	rm -f ./test/_schnorr_fixtures/*json
+	go test -failfast -race ${UT_TIMEOUT} $(UT_PACKAGES_LEVEL_0)
+
+test_unit_race: test_unit_race_level0
+	@echo "--> Running Unit Tests (with Race Detection) - Level 1"
+	@echo "!!! WARNING: This will take a long time :|"
+	go test -failfast -race ${UT_TIMEOUT} ${UT_COVER} $(UT_PACKAGES_LEVEL_1)
+
+test_unit_race_ci: test_unit_race_level0
+	@echo "--> Running Unit Tests (with Race Detection) - Level 1"
+	@echo "!!! WARNING: This will take a long time :|"
+	go test -failfast -race ${UT_TIMEOUT} $(UT_PACKAGES_LEVEL_1)
+
+test:
+	make test_unit_race
+
+test_ci:
+	make test_unit_race_ci
+
+########################################
+### Pre Commit
+
+pre_commit: build test
+
+########################################
+
+# To avoid unintended conflicts with file names, always add to .PHONY
+# # unless there is a reason not to.
+# # https://www.gnu.org/software/make/manual/html_node/Phony-Targets.html
+.PHONY: protob build test test_ci test_unit test_unit_race

LICENSE

@@ -0,0 +1,11 @@
+# Security Policy
+
+## Reporting a Bug or Vulnerability
+
+For non-security problems please open an issue in this GitHub repository.
+
+If you find any security issues please send a report confidentially to security@binance.com.
+
+Please include notes about the impact of the issue and a walkthrough on how it can be exploited.
+
+For severe security issues that completely breach the safety of the scheme or leak the secret shares we would be happy to reward you with a bounty based on the security impact and severity. Please include a link to this notice in your email.