test(corona): argument-validation tests for Bootstrap/Reshare/Reanchor + alias surface#22
Open
abhicris wants to merge 1 commit into
Open
Conversation
…r + alias surface
protocols/corona/ shipped without a dedicated _test.go file. The
alias surface (Bootstrap, Reshare, Reanchor, ShareForParty,
GenerateKeys, NewParams, validatorIDs) does real argument validation
before delegating to luxfi/corona kernel, but none of those guards
were pinned by tests.
Adds protocols/corona/corona_test.go (17 tests, all PASS in 0.018s):
Bootstrap (4):
- rejects empty validators -> ErrEmptyValidators
- rejects t=0 -> ErrInvalidThreshold
- rejects t>n -> ErrInvalidThreshold
- nil entropy does NOT panic (falls back to crypto/rand.Reader)
Reshare (3):
- rejects nil KeyEra
- rejects nil-era + nil validators
- rejects nil-era + threshold > n=1
Reanchor (3):
- rejects empty validators -> ErrEmptyValidators
- rejects t=0 -> ErrInvalidThreshold
- rejects t>n -> ErrInvalidThreshold
ShareForParty (3):
- nil state -> error mentioning nil-share-state
- party not in set -> ErrPartyNotInSet (error mentions the missing id)
- happy path returns the exact same KeyShare pointer
Alias surface (2):
- NewParams returns non-nil Params with no error
- GenerateKeys (2-of-3 trusted-dealer) returns 3 non-nil shares
plus a non-nil GroupKey from a deterministic seed
validatorIDs unexported helper (2):
- preserves order and length for non-empty input
- returns non-nil empty slice for nil input
Run:
go test ./protocols/corona/ -count=1 -v -timeout 120s
PASS - 17/17, 0.018s
No changes to non-test files; no regression in the existing suite
(which had no corona tests to regress).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
protocols/corona/shipped without a dedicated_test.gofile. The alias surface (Bootstrap,Reshare,Reanchor,ShareForParty,GenerateKeys,NewParams,validatorIDs) does real argument validation before delegating to theluxfi/coronakernel, but none of those guards were pinned by tests. Corona is the R-LWE primitive in the Polaris triple-PQ profile (BLS ‖ Pulsar ‖ Corona ‖ Magnetar) — the alias surface here is whatluxfi/consensusimports, so its validation contracts are part of the chain-facing API.What this PR adds
protocols/corona/corona_test.go— 17 tests, all PASS in 0.018s.Bootstrap (4)
ErrEmptyValidatorsErrInvalidThresholdErrInvalidThresholdcrypto/rand.Reader)Reshare (3)
KeyEra→ error mentioning "nil key era"Reanchor (3)
ErrEmptyValidatorsErrInvalidThresholdErrInvalidThresholdShareForParty (3)
ErrPartyNotInSet(error mentions the missing id)*KeySharepointerAlias surface (2)
NewParamsreturns non-nil*Paramswith no errorGenerateKeys(2-of-3 trusted-dealer) returns 3 non-nil shares + non-nil*GroupKeyfrom a deterministic seedvalidatorIDsunexported helper (2)Verification
No changes to non-test files. No regression in the existing suite (there was no corona test coverage to regress).
Notes
corona(notcorona_test) so the unexportedvalidatorIDshelper can be reached. The two failing-case tests forReshareusenilKeyErainstead of constructing a synthetic one — building a real*KeyErafor failure paths is out of scope; the nil-era guard covers the validation surface for those branches.Bootstrap_NilEntropyDefaultsToCryptoRandtest logs (not fails) when the kernel returns an unrelated error in the constrained CI env — the contract being pinned is no panic on nil entropy.