From e5ac9aeec9771762ea72a9347b66c9ec7d7269e9 Mon Sep 17 00:00:00 2001
From: Joey Yandle
Date: Mon, 4 Nov 2024 12:50:49 -0500
Subject: [PATCH] chain AesGcmError into signer error; comment on why unwraps should not fail

---
 src/compute.rs | 4 ++++
 src/state_machine/signer/mod.rs | 14 +++++++++++++-
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/src/compute.rs b/src/compute.rs
index 37fed6ad..b7d6aee8 100644
--- a/src/compute.rs
+++ b/src/compute.rs
@@ -162,6 +162,10 @@ pub fn tweaked_public_key(public_key: &Point, merkle_root: Option<[u8; 32]>) ->
 }
 
 /// Create a BIP341 compliant taproot tweak from a public key and a pre-calculated tweak
+///
+/// We should never trigger the unwrap here, because Point::lift_x only returns an error
+/// when the x-coordinate is not on the secp256k1 curve, but we know that public_key.x()
+/// is on the curve because it is a Point.
 pub fn tweaked_public_key_from_tweak(public_key: &Point, tweak: Scalar) -> Point {
     Point::lift_x(&public_key.x()).unwrap() + tweak * G
 }
diff --git a/src/state_machine/signer/mod.rs b/src/state_machine/signer/mod.rs
index 64903348..cc2e4ed5 100644
--- a/src/state_machine/signer/mod.rs
+++ b/src/state_machine/signer/mod.rs
@@ -1,3 +1,4 @@
+use aes_gcm::Error as AesGcmError;
 use hashbrown::{HashMap, HashSet};
 use rand_core::{CryptoRng, OsRng, RngCore};
 use std::collections::BTreeMap;
@@ -58,6 +59,15 @@ pub enum Error {
     /// A bad state change was made
     #[error("Bad State Change: {0}")]
     BadStateChange(String),
+    /// An AES-GCM error occurred
+    #[error("AES-GCM: {0}")]
+    AesGcm(AesGcmError),
+}
+
+impl From for Error {
+    fn from(err: AesGcmError) -> Self {
+        Error::AesGcm(err)
+    }
 }
 
 /// The saved state required to reconstruct a signer
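Review bot: The invariant added as a `///` doc comment on `tweaked_public_key_from_tweak` becomes part of the function's public rustdoc instead of sitting next to the `unwrap()` it justifies, and a panic there would still print only the generic unwrap message. Moving the rationale to the panic site keeps it with the code and states the invariant if it is ever violated: `Point::lift_x(&public_key.x()).expect("x-coordinate of a valid Point is on the curve") + tweak * G`, leaving the existing "Create a BIP341 compliant taproot tweak" line as the only rustdoc. If `Point::lift_x` follows the BIP340 convention of returning the even-y lift, the result is the x-only lift of `public_key` rather than `public_key` itself when its y is odd; a one-line comment saying that this is intended would help the next reader.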
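Review bot: The hand-written `From` impl for `AesGcmError` duplicates what the derive already used on this enum can generate (the `#[error(...)]` attributes show thiserror is in use): declaring the variant as `AesGcm(#[from] AesGcmError)` produces the same conversion, so the `?` at the `encrypt` call in the signer keeps working. As rendered here the header reads `impl From for Error` with no type argument; presumably `<AesGcmError>` was lost in rendering, but letting the derive emit the impl removes the question. `aes_gcm::Error` is a unit type whose `Display` carries no detail about why an AEAD operation failed, so the `AES-GCM: {0}` message will never distinguish a tag mismatch from anything else; that is appropriate for decryption failures and should stay that way.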
@@ -684,11 +694,12 @@ impl Signer {
             debug!("encrypting dkg private share for key_id {}", dst_key_id);
             let compressed = Compressed::from(self.public_keys.key_ids[dst_key_id].to_bytes());
+            // this should not fail as long as the public key above was valid
             let dst_public_key = Point::try_from(&compressed).unwrap();
             let shared_secret = make_shared_secret(&self.network_private_key, &dst_public_key);
             let encrypted_share =
-                encrypt(&shared_secret, &private_share.to_bytes(), &mut rng).unwrap();
+                encrypt(&shared_secret, &private_share.to_bytes(), &mut rng)?;
             encrypted_shares.insert(*dst_key_id, encrypted_share);
         }
@@ -748,6 +759,7 @@ impl Signer {
         // make a HashSet of our key_ids so we can quickly query them
         let key_ids: HashSet = self.signer.get_key_ids().into_iter().collect();
         let compressed = Compressed::from(self.public_keys.signers[&src_signer_id].to_bytes());
+        // this should not fail as long as the public key above was valid
         let public_key = Point::try_from(&compressed).unwrap();
         let shared_key = self.network_private_key * public_key;
         let shared_secret = make_shared_secret(&self.network_private_key, &public_key);
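Review bot: The new `// this should not fail as long as the public key above was valid` comments (this hunk and the `@@ -748` hunk below) document an invariant the code could either enforce at the panic site or avoid altogether: the stored key is serialized with `to_bytes()`, wrapped in `Compressed`, and parsed back with `Point::try_from`, so the `unwrap()` only guards a round-trip of data this signer already holds. If `public_keys.key_ids` and `public_keys.signers` store `Point` values, the conversion and the unwrap can be dropped by using the stored value directly; otherwise state the invariant where it would fail, e.g. `Point::try_from(&compressed).expect("public_keys holds only valid compressed points")`. The `?` on `encrypt` now depends on the `From<AesGcmError> for Error` conversion added in the same commit, which is the right direction for the encrypt path since a caller can now surface the failure instead of crashing the signer. Both enclosing functions start and end outside these hunks.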