Skip to content

Compress ElGamal Public Keys and Pedersen Commitments + Add Validation#6385

Merged
shawnxie999 merged 3 commits intoXRPLF:ripple/confidential-transferfrom
shawnxie999:ct-use-compress-pk
Feb 19, 2026
Merged

Compress ElGamal Public Keys and Pedersen Commitments + Add Validation#6385
shawnxie999 merged 3 commits intoXRPLF:ripple/confidential-transferfrom
shawnxie999:ct-use-compress-pk

Conversation

@shawnxie999
Copy link
Collaborator

@shawnxie999 shawnxie999 commented Feb 18, 2026

High Level Overview of Change

Summary

Reduces storage size for ElGamal public keys and Pedersen commitments from 64 bytes to 33 bytes by using compressed EC point format. Adds validation to ensure these fields contain valid EC points before storing on ledger.

Changes

Field Size Reduction

Field Before After
sfHolderElGamalPublicKey 64 bytes 33 bytes
sfIssuerElGamalPublicKey 64 bytes 33 bytes
sfAuditorElGamalPublicKey 64 bytes 33 bytes
sfBalanceCommitment 64 bytes 33 bytes
sfAmountCommitment 64 bytes 33 bytes

Validation

  • Added isValidPublicKey() and isValidCommitment() functions
  • Preflight now validates that public keys and commitments are parseable compressed EC points
  • Invalid values rejected with temMALFORMED

Affected Transactions

  • ConfidentialMPTConvert - validates holder public key
  • MPTokenIssuanceSet - validates issuer and auditor public keys
  • ConfidentialMPTSend - validates amount and balance commitments
  • ConfidentialMPTConvertBack - validates balance commitment

Breaking Changes

  • Public keys and commitments must now be 33-byte compressed format (use secp256k1_ec_pubkey_serialize with SECP256K1_EC_COMPRESSED)
  • Malformed EC points now fail preflight instead of being stored

Type of Change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Refactor (non-breaking change that only restructures code)
  • Performance (increase or change in throughput and/or latency)
  • Tests (you added tests for code that already exists, or your new feature included in this PR)
  • Documentation update
  • Chore (no impact to binary, e.g. .gitignore, formatting, dropping support for older tooling)
  • Release

API Impact

  • Public API: New feature (new methods and/or new fields)
  • Public API: Breaking change (in general, breaking changes should only impact the next api_version)
  • libxrpl change (any change that may affect libxrpl or dependents of libxrpl)
  • Peer protocol change (must be backward compatible or bump the peer protocol version)

@shawnxie999 shawnxie999 changed the title use compressed pk Update pubkey and commitments to use compressed format Feb 18, 2026
@shawnxie999 shawnxie999 marked this pull request as ready for review February 18, 2026 22:33
@shawnxie999 shawnxie999 changed the title Update pubkey and commitments to use compressed format Compress ElGamal Public Keys and Pedersen Commitments + Add Validation Feb 18, 2026
@codecov
Copy link

codecov bot commented Feb 18, 2026

Codecov Report

❌ Patch coverage is 92.00000% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 80.1%. Comparing base (67e8e89) to head (014d711).
⚠️ Report is 122 commits behind head on ripple/confidential-transfer.

Files with missing lines Patch % Lines
src/libxrpl/protocol/ConfidentialTransfer.cpp 90.0% 2 Missing ⚠️
Additional details and impacted files

Impacted file tree graph

@@                      Coverage Diff                       @@
##           ripple/confidential-transfer   #6385     +/-   ##
==============================================================
+ Coverage                          79.1%   80.1%   +0.9%     
==============================================================
  Files                               850     852      +2     
  Lines                             72015   66305   -5710     
  Branches                           8385    7251   -1134     
==============================================================
- Hits                              56975   53085   -3890     
+ Misses                            15040   13220   -1820     
Files with missing lines Coverage Δ
include/xrpl/protocol/ConfidentialTransfer.h 100.0% <ø> (ø)
include/xrpl/protocol/Protocol.h 100.0% <ø> (ø)
src/xrpld/app/tx/detail/ConfidentialMPTConvert.cpp 93.3% <100.0%> (ø)
...xrpld/app/tx/detail/ConfidentialMPTConvertBack.cpp 93.8% <100.0%> (ø)
src/xrpld/app/tx/detail/ConfidentialMPTSend.cpp 90.7% <100.0%> (ø)
src/xrpld/app/tx/detail/MPTokenIssuanceSet.cpp 98.4% <100.0%> (-0.5%) ⬇️
src/libxrpl/protocol/ConfidentialTransfer.cpp 91.5% <90.0%> (+21.2%) ⬆️

... and 753 files with indirect coverage changes

Impacted file tree graph

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Copy link
Collaborator

@yinyiqian1 yinyiqian1 Feb 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The secp256k1 compressed buffer have fixed prefix, do you think it is worth adding the check as well, so that we can fail fast before the parse

Copy link
Collaborator

@yinyiqian1 yinyiqian1 Feb 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can use the same valid check for ec pub key and commitment. Please rename if you have better choice.

bool
isValidSecp256k1Point(Slice const& buffer)
{
    // some checks
   ...
    return secp256k1_ec_pubkey_parse(
        secp256k1Context(), &point, buffer.data(), ecPubKeyLength) == 1;
}

or we can

@shawnxie999 shawnxie999 merged commit b2c434d into XRPLF:ripple/confidential-transfer Feb 19, 2026
61 of 70 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants

Comments