Skip to content

Check for contributory behavior in our 3DH and double ratchet implementations#298

Open
poljar wants to merge 5 commits intomainfrom
poljar/was-contributory
Open

Check for contributory behavior in our 3DH and double ratchet implementations#298
poljar wants to merge 5 commits intomainfrom
poljar/was-contributory

Conversation

@poljar
Copy link
Collaborator

@poljar poljar commented Feb 19, 2026

No description provided.

@poljar poljar requested a review from dkasak as a code owner February 19, 2026 13:02
@poljar poljar mentioned this pull request Feb 19, 2026
Closed
@codspeed-hq
Copy link

codspeed-hq bot commented Feb 19, 2026
edited
Loading

Merging this PR will not alter performance

✅ 6 untouched benchmarks

Comparing poljar/was-contributory (e09af80) with main (a4807ce)

Open in CodSpeed

@codecov-commenter
Copy link

codecov-commenter commented Feb 19, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 88.53503% with 18 lines in your changes missing coverage. Please review.
✅ Project coverage is 91.05%. Comparing base (a4807ce) to head (e09af80).
✅ All tests successful. No failed tests found.

Files with missing lines Patch % Lines
src/olm/session/double_ratchet.rs 86.36% 2 Missing and 4 partials ⚠️
src/olm/account/mod.rs 88.88% 3 Missing and 2 partials ⚠️
src/olm/shared_secret.rs 88.57% 0 Missing and 4 partials ⚠️
src/olm/session/mod.rs 88.23% 1 Missing and 1 partial ⚠️
src/olm/session/root_key.rs 88.88% 0 Missing and 1 partial ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #298      +/-   ##
==========================================
+ Coverage   90.71%   91.05%   +0.33%     
==========================================
  Files          34       34              
  Lines        4965     4984      +19     
  Branches     4965     4984      +19     
==========================================
+ Hits         4504     4538      +34     
+ Misses        297      280      -17     
- Partials      164      166       +2

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@poljar poljar force-pushed the poljar/was-contributory branch 2 times, most recently from 3078c72 to e09af80 Compare February 19, 2026 13:11
@poljar
feat: Check for contributory behavior in the double ratchet DH ratche…
2bc1010 
…ting step
@poljar
fix: Consolidate the usage of the contributory behavior check
8ea39d5 
This ensures that wherever the Curve25519SecretKey type is used, we're
also checking for contributory behavior of the public key.
@poljar
Add a changelog entry about the was_contributory checks
e09af80
soatok
soatok reviewed Feb 19, 2026
View reviewed changes
src/olm/account/mod.rs

let message = "It's a secret to everybody";
let olm_message: LibolmOlmMessage = alice_session.encrypt(message).into();
let olm_message: LibolmOlmMessage = alice_session.encrypt(message).unwrap().into();

This comment was marked as resolved.

Sign in to view

Copy link

@soatok soatok Feb 19, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, so it is.

Copy link
Collaborator Author

@poljar poljar Feb 19, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To remove confusion in case other passer-by readers arrive, tests and benchmarks are using unwrap() calls.

As to why #297 wasn't complete:

  1. It introduced a new private API which does the was_contributory() check.
  2. It marked the existing private API as deprecated.
  3. The rest of the 3DH implementation would have still used the method without the was_contributory() check.
  4. The double ratchet implementation does a Diffie-Hellman computation as well, which wasn't modified to do a was_contributory() check.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dkasak dkasak Awaiting requested review from dkasak dkasak is a code owner

1 more reviewer

@soatok soatok soatok left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@poljar @codecov-commenter @soatok

Comments