Add more tests and documentation to increase coverage.

Author: mmaker

src/arthur.rs

@@ -71,14 +71,14 @@ where
     }
 }
 
-impl<U, H, D> From<D> for Arthur<H, U, DefaultRng>
+impl<U, H, B> From<B> for Arthur<H, U, DefaultRng>
 where
     U: Unit,
     H: DuplexHash<U>,
-    D: core::ops::Deref<Target = IOPattern<H, U>>,
+    B: core::borrow::Borrow<IOPattern<H, U>>,
 {
-    fn from(pattern: D) -> Self {
-        Arthur::new(pattern.deref(), DefaultRng::default())
+    fn from(pattern: B) -> Self {
+        Arthur::new(pattern.borrow(), DefaultRng::default())
     }
 }
 
@@ -127,12 +127,12 @@ where
         // let serialized = bincode::serialize(input).unwrap();
         // self.arthur.sponge.absorb_unchecked(&serialized);
         let old_len = self.transcript.len();
+        self.safe.absorb(input)?;
         // write never fails on Vec<u8>
         U::write(input, &mut self.transcript).unwrap();
         self.rng
             .sponge
             .absorb_unchecked(&self.transcript[old_len..]);
-        self.safe.absorb(input)?;
 
         Ok(())
     }

src/iopattern.rs

@@ -183,7 +183,7 @@ impl<H: DuplexHash<U>, U: Unit> IOPattern<H, U> {
 
     /// Create an [`crate::Arthur`] instance from the IO Pattern.
     pub fn to_arthur(&self) -> crate::Arthur<H, U, crate::DefaultRng> {
-        crate::Arthur::new(self, crate::DefaultRng::default())
+        self.into()
     }
 
     /// Create a [`crate::Merlin`] instance from the IO Pattern and the protocol transcript (bytes).

src/lib.rs

@@ -26,10 +26,9 @@
 //! easy an easier inspection of the Fiat-Shamir transform.
 //!
 //! ```
-//! use nimue::IOPattern;
-//! use nimue::hash::Keccak;
+//! use nimue::{IOPattern, DefaultHash};
 //!
-//! let io = IOPattern::<Keccak>::new("👩‍💻🥷🏻👨‍💻 building 🔐🔒🗝️")
+//! let io = IOPattern::<DefaultHash>::new("👩‍💻🥷🏻👨‍💻 building 🔐🔒🗝️")
 //!         // this indicates the prover is sending 10 elements (bytes)
 //!         .absorb(10, "first")
 //!         // this indicates the verifier is sending 10 elements (bytes)
@@ -57,7 +56,6 @@
 //! build the protocol transcript, and seed the private randomness for the prover.
 //!
 //! ```
-//! use nimue::{IOPattern, Arthur};
 //! use nimue::*;
 //! use rand::Rng;
 //!

src/plugins/ark/poseidon/mod.rs

@@ -1,4 +1,4 @@
-//! This code has been blatantly stolen from `ark-crypto-primitive::sponge``
+//! This code has been blatantly stolen from `ark-crypto-primitive::sponge`
 //! from William Lin, with contributions from Pratyush Mishra, Weikeng Chen, Yuwen Zhang, Kristian Sosnin, Merlyn, Wilson Nguyen, Hossein Moghaddas, and others.
 use ark_ff::PrimeField;
 

src/tests.rs

@@ -1,19 +1,53 @@
+use rand::RngCore;
+
 use crate::hash::keccak::Keccak;
 use crate::hash::legacy::DigestBridge;
-use crate::{Arthur, ByteChallenges, ByteWriter, DuplexHash, IOPattern, Safe};
+use crate::{Arthur, ByteChallenges, BytePublic, ByteWriter, DuplexHash, IOPattern, Safe};
 
 type Sha2 = DigestBridge<sha2::Sha256>;
 type Blake2b512 = DigestBridge<blake2::Blake2b512>;
 type Blake2s256 = DigestBridge<blake2::Blake2s256>;
 
-/// How should a protocol without IOPattern be handled?
+/// How should a protocol without actual IO be handled?
 #[test]
 fn test_iopattern() {
     // test that the byte separator is always added
     let iop = IOPattern::<Keccak>::new("example.com");
     assert!(iop.as_bytes().starts_with(b"example.com"));
 }
 
+
+/// Test Arthur's rng is not doing completely stupid things.
+#[test]
+fn test_arthur_rng_basic() {
+    let iop = IOPattern::<Keccak>::new("example.com");
+    let mut arthur = iop.to_arthur();
+    let rng = arthur.rng();
+
+    let mut random_bytes = [0u8; 32];
+    rng.fill_bytes(&mut random_bytes);
+    let random_u32 = rng.next_u32();
+    let random_u64 = rng.next_u64();
+    assert_ne!(random_bytes, [0u8; 32]);
+    assert_ne!(random_u32, 0);
+    assert_ne!(random_u64, 0);
+    assert!(random_bytes.iter().any(|&x| x != random_bytes[0]));
+}
+
+
+#[test]
+fn test_arthur_add() {
+    let iop = IOPattern::<Keccak>::new("example.com").absorb(1, "🥕");
+    let mut arthur = iop.to_arthur();
+    assert!(arthur.add_units(&[0u8]).is_ok());
+    assert!(arthur.add_units(&[1u8]).is_err());
+    assert_eq!(arthur.transcript(), b"\0", "Protocol Transcript survives errors");
+
+    let mut arthur = iop.to_arthur();
+    assert!(arthur.public_bytes(&[0u8]).is_ok());
+    assert_eq!(arthur.transcript(), b"");
+}
+
 /// A protocol flow that does not match the IOPattern should fail.
 #[test]
 #[should_panic]