### Install Vusi with Multiple Features Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Install Vusi from crates.io with multiple optional features enabled simultaneously. This example enables both 'polynonce' and 'biased-nonce'. ```bash cargo install vusi --features polynonce,biased-nonce ``` -------------------------------- ### Install Vusi from Local Source Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Installs Vusi from a local source directory after building. This compiles the project and installs the binary to '~/.cargo/bin/', making it available in the system's PATH. ```bash cargo install --path . ``` -------------------------------- ### Install Vusi with Single Feature Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Install Vusi from crates.io with a specific optional feature enabled. This example enables the 'polynonce' feature. ```bash cargo install vusi --features polynonce ``` -------------------------------- ### Install Rust Toolchain Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Installs the Rust toolchain using the official rustup script. This is a prerequisite for most installation methods. ```bash curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh ``` -------------------------------- ### Example JSON Output Source: https://deepwiki.com/oritwoen/vusi/2.3-output-formats A complete example of the JSON output, illustrating the structure of vulnerabilities and summary. ```json { "vulnerabilities": [ { "type": "nonce-reuse", "confidence": 1.0, "signatures_count": 2, "pubkey": null, "r_value": "6819641642398093696120236467967538361543858578256722584730163952555838220871", "recovered_key": { "private_key_decimal": "62958994860637178871299877498639209302063112480839791435318431648713002718353", "private_key_hex": "8b7ae721a40121c38ec3b21e28e44a28d9da2a6b61f68b79b3f7ead851bc0791" }, "recovery_status": "recovered", "recovery_reason": null } ], "summary": { "total_signatures": 2, "vulnerabilities_found": 1, "keys_recovered": 1 } } ``` -------------------------------- ### Verify VUSI Version Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Run this command after installation to check the installed VUSI version. Ensures the binary is accessible and functioning. ```bash vusi --version ``` -------------------------------- ### Install Vusi using AUR helper Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Installs Vusi from the Arch User Repository using an AUR helper like 'yay'. This is convenient for Arch Linux users. ```bash yay -S vusi ``` -------------------------------- ### No Vulnerabilities Found Example Source: https://deepwiki.com/oritwoen/vusi/2.3-output-formats This example demonstrates the output when the analysis finds no vulnerabilities. It simply indicates the number of signatures analyzed and that no issues were found. ```text Analyzed 2 signatures No vulnerabilities found. ``` -------------------------------- ### Vulnerability Found Example Source: https://deepwiki.com/oritwoen/vusi/2.3-output-formats This example shows the output when one or more vulnerabilities are detected. It includes details like type, confidence, signatures, R value, status, and recovered private key. ```text Analyzed 2 signatures Found 1 vulnerabilities: Vulnerability #1 Type: nonce-reuse Confidence: 1.0 Signatures: 2 R Value: 6819641642398093696120236467967538361543858578256722584730163952555838220871 Status: recovered Private Key (decimal): 62958994860637178871299877498639209302063112480839791435318431648713002718353 Private Key (hex): 8b7ae721a40121c38ec3b21e28e44a28d9da2a6b61f68b79b3f7ead851bc0791 ``` -------------------------------- ### Install Vusi from AUR manually Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Manually installs Vusi from the Arch User Repository by cloning the repository and using makepkg. This method provides more control. ```bash git clone https://aur.archlinux.org/vusi.git cd vusi makepkg -si ``` -------------------------------- ### Install GMP Development Library on Debian/Ubuntu Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Install the GMP development library, a dependency for the 'biased-nonce' feature, on Debian or Ubuntu systems. ```bash sudo apt-get install libgmp-dev ``` -------------------------------- ### Run All Tests Source: https://deepwiki.com/oritwoen/vusi/6-development-guide Execute all tests in the project. Ensure you have the Rust toolchain and `just` installed. ```bash just test ``` -------------------------------- ### Build Vusi from Source with Single Feature Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Build Vusi from source with a specific optional feature enabled. This example enables the 'biased-nonce' feature during the build process. ```bash cargo build --release --features biased-nonce ``` -------------------------------- ### Install Vusi using Cargo Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Installs the latest stable release of Vusi directly from crates.io using the Cargo package manager. This is the simplest method for end-users. ```bash cargo install vusi ``` -------------------------------- ### Verify Rust Installation Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Checks the installed versions of the Rust compiler and Cargo. Ensures the Rust toolchain is set up correctly. ```bash rustc --version cargo --version ``` -------------------------------- ### Install GMP Development Library on macOS Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Install the GMP development library, a dependency for the 'biased-nonce' feature, on macOS systems using Homebrew. ```bash brew install gmp ``` -------------------------------- ### JSON Output Example Source: https://deepwiki.com/oritwoen/vusi/2-cli-user-guide Illustrates how to enable JSON output for the CLI using the --json flag. This format is useful for programmatic processing of the analysis results. ```bash $ vusi analyze signatures.json --json ``` -------------------------------- ### Install GMP Development Library on Arch Linux Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Install the GMP development library, a dependency for the 'biased-nonce' feature, on Arch Linux systems. ```bash sudo pacman -S gmp ``` -------------------------------- ### vusi analyze Command: Nonce Reuse Attack (Default) Source: https://deepwiki.com/oritwoen/vusi/9-reference Example of running the 'analyze' command with default settings, which targets the 'nonce-reuse' attack. ```bash vusi analyze [INPUT] ``` -------------------------------- ### Good Commit Message Example Source: https://deepwiki.com/oritwoen/vusi/8-contributing An example of a well-formatted commit message that follows the project's guidelines. It clearly explains the change and its context. ```git Add LSB biased nonce attack implementation Implements lattice-based attack for recovering private keys when nonces have known least significant bits. Uses LLL reduction via the rug crate. Related to #42 ``` -------------------------------- ### Check VUSI Binary Location Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Use this command to confirm that the VUSI binary is included in your system's PATH. Common locations are listed for different installation methods. ```bash which vusi ``` -------------------------------- ### Run Linter with Strict Checks Source: https://deepwiki.com/oritwoen/vusi/6-development-guide Perform static analysis using `cargo clippy` with warnings treated as errors. Ensure `just` is installed. ```bash just clippy ``` -------------------------------- ### Install VUSI with Locked Dependencies Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Use the --locked flag during installation to ensure exact dependency versions from Cargo.lock are used, preventing potential conflicts with newer versions. ```bash cargo install vusi --locked ``` -------------------------------- ### Scalar Conversion Example Source: https://deepwiki.com/oritwoen/vusi/9-reference Demonstrates parsing decimal strings into Scalar types and converting Scalars back to decimal and hex strings using helper functions. Requires the 'vusi::math' module and 'k256::Scalar'. ```rust use vusi::math::{parse_scalar_decimal, scalar_to_decimal_string}; use k256::Scalar; // Parse decimal string let scalar = parse_scalar_decimal("12345")?; // Convert back to string let decimal_str = scalar_to_decimal_string(&scalar); // For hex conversion (from main.rs pattern) let hex_str = hex::encode(scalar.to_bytes()); ``` -------------------------------- ### Bad Commit Message Examples Source: https://deepwiki.com/oritwoen/vusi/8-contributing Examples of commit messages that do not follow the project's guidelines. These are too vague and lack necessary detail. ```git fix bug update code wip ``` -------------------------------- ### Adding Optional Dependencies with Feature Flags Source: https://deepwiki.com/oritwoen/vusi/8-contributing Example of how to add an optional dependency to Cargo.toml and gate code using cfg attributes. ```toml [dependencies] my_dep = { version = "1.0", optional = true } [features] my_attack = ["my_dep"] ``` ```rust #[cfg(feature = "my_attack")] pub mod my_attack; ``` ```rust #[cfg(feature = "my_attack")] pub use my_attack::MyAttack; ``` -------------------------------- ### Generate Changelog Source: https://deepwiki.com/oritwoen/vusi/6-development-guide Automatically generate the `CHANGELOG.md` file using `git-cliff`. Ensure `git-cliff` is installed. ```bash just changelog ``` -------------------------------- ### Implement `detect()` Method for Nonce Reuse Attack Source: https://deepwiki.com/oritwoen/vusi/6.3-adding-new-attacks The core vulnerability detection logic. This example groups signatures by r-value and public key, filtering for groups with at least 2 signatures. ```rust fn detect(&self, signatures: &[Signature]) -> Vec { group_by_r_and_pubkey(signatures) .into_iter() .filter(|g| g.signatures.len() >= 2) // At least 2 signatures .map(|group| Vulnerability { attack_type: self.name().to_string(), group, }) .collect() } ``` -------------------------------- ### Example of Unknown Attack Type Error Source: https://deepwiki.com/oritwoen/vusi/2-cli-user-guide Demonstrates the error message when vusi is compiled without the 'polynonce' feature and an unknown attack type is specified. Shows how to check the exit code for errors. ```bash $ vusi analyze signatures.json --attack polynonce Error: Unknown attack type: polynonce $ echo $? ``` -------------------------------- ### Scalar Parsing Validation Examples Source: https://deepwiki.com/oritwoen/vusi/5.1-scalar-arithmetic Demonstrates valid and invalid inputs for scalar parsing, highlighting expected outcomes and error messages. ```rust "0" → Ok (for Z only) "123456789" → Ok "115792089237316..." → Ok (if < n) ``` ```rust "" → Err("Empty decimal string") "123abc" → Err("Invalid decimal string: only digits 0-9 allowed") "00123" → Err("Invalid decimal string: no leading zeros allowed") "115792089237316..." → Err("Value >= secp256k1 order n") (if value is n) "0" → Err("r and s values cannot be zero") (for RorS) ``` -------------------------------- ### Documentation Comments for Public APIs Source: https://deepwiki.com/oritwoen/vusi/8-contributing Standard format for documentation comments in Rust for public APIs. Includes sections for a brief description, detailed explanation, arguments, return values, examples, and errors. ```rust /// Brief one-line description /// /// More detailed explanation of the function's purpose, /// algorithms used, and any important considerations. /// /// # Arguments /// /// * `param1` - Description of first parameter /// * `param2` - Description of second parameter /// /// # Returns /// /// Description of return value /// /// # Examples /// /// ``` /// // Example usage /// ``` /// /// # Errors /// /// When this function returns an error (if applicable) ``` -------------------------------- ### Uninstall Vusi AUR Package Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Remove Vusi if it was installed as an AUR package on Arch Linux. Use either `yay` or `pacman` for uninstallation. ```bash yay -R vusi # or sudo pacman -R vusi ``` -------------------------------- ### Test Basic VUSI Functionality Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Execute this command to display the help message, verifying that the VUSI CLI is operational and correctly configured. ```bash vusi --help ``` -------------------------------- ### Build Vusi with All Attack Features Source: https://deepwiki.com/oritwoen/vusi/4-attack-types Enable all available attack features by building the Vusi project with the '--all-features' flag. ```bash cargo build --all-features ``` -------------------------------- ### Typical vusi Library Usage Source: https://deepwiki.com/oritwoen/vusi/1-overview This snippet shows the standard workflow for using vusi as a library. It involves loading signatures, creating an attack instance, detecting vulnerabilities, and attempting to recover private keys. Ensure the 'signatures.json' file exists and is correctly formatted. ```rust use vusi::attack::{Attack, NonceReuseAttack}; use vusi::provider::load_signatures; let signatures = load_signatures("signatures.json")?; let attack = NonceReuseAttack; let vulnerabilities = attack.detect(&signatures); for vuln in vulnerabilities { if let Some(key) = attack.recover(&vuln) { println!("Recovered key: {}", key.private_key_decimal); } } ``` -------------------------------- ### Execute Release Workflow Source: https://deepwiki.com/oritwoen/vusi/6-development-guide Initiate the multi-step release process for a new version. Requires `just`. ```bash just release X.Y.Z ``` -------------------------------- ### Basic vusi CLI Command Structure Source: https://deepwiki.com/oritwoen/vusi/9-reference Illustrates the fundamental structure for executing vusi commands, including the optional JSON output flag and the required command with its options. ```bash vusi [--json] [OPTIONS] ``` -------------------------------- ### Build Release Binary Source: https://deepwiki.com/oritwoen/vusi/6-development-guide Compile the project in release mode for optimized performance. Requires `just`. ```bash just build ``` -------------------------------- ### CLI Entry Point and Library Interface Source: https://deepwiki.com/oritwoen/vusi/7-architecture The vusi binary and library crate share core functionality. The binary uses a `Cli` struct with an `Analyze` command, while the library provides modules and types for programmatic access. ```Rust The CLI entry point calls `load_signatures()` to obtain `Vec`, instantiates an `Attack` implementation based on command-line flags, and calls `attack.detect()` followed by `attack.recover()` for each `Vulnerability`. Sources: 1-13 1-294 ``` -------------------------------- ### Build Vusi from Source with All Features Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Build Vusi from source with all available optional features enabled. This command ensures all conditional compilation features are included. ```bash cargo build --release --all-features ``` -------------------------------- ### Clone Vusi Repository Source: https://deepwiki.com/oritwoen/vusi/8-contributing Clone your forked repository locally and navigate into the project directory. ```bash git clone https://github.com/YOUR_USERNAME/vusi.git cd vusi ``` -------------------------------- ### Uninstall Vusi Cargo Binary Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Use this command to remove the Vusi binary installed via Cargo. It removes the executable from the default Cargo bin directory. ```bash cargo uninstall vusi ``` -------------------------------- ### Build Vusi with Polynonce Attack Feature Source: https://deepwiki.com/oritwoen/vusi/4-attack-types Enable the Polynonce attack by building the Vusi project with the 'polynonce' feature flag. ```bash cargo build --features polynonce ``` -------------------------------- ### Using Feature-Gated Attacks (Polynonce) Source: https://deepwiki.com/oritwoen/vusi/9-reference Demonstrates how to use the Polynonce attack, which requires the 'polynonce' feature flag to be enabled. Initializes the attack with a specified number of signatures. ```rust #[cfg(feature = "polynonce")] use vusi::attack::PolynonceAttack;   #[cfg(feature = "polynonce")] { let attack = PolynonceAttack::new(2); // quadratic polynonce let vulnerabilities = attack.detect(&signatures); } ``` -------------------------------- ### Project Structure Overview Source: https://deepwiki.com/oritwoen/vusi/6-development-guide This tree outlines the standard Rust project layout, including source code, tests, build automation, and configuration files. ```tree vusi/ ├── src/ # Source code │ ├── lib.rs # Public library API (struct names exported) │ ├── main.rs # CLI entrypoint (Cli struct, Args) │ ├── attack/ # Attack implementations │ │ ├── mod.rs # trait Attack definition │ │ ├── nonce_reuse.rs # NonceReuseAttack │ │ ├── polynonce.rs # PolynonceAttack (feature gated) │ │ └── biased_nonce.rs # BiasedNonceAttack (feature gated) │ ├── provider.rs # load_signatures, parse_signatures │ ├── signature.rs # Signature, SignatureInput, SignatureGroup │ └── math.rs # recover_nonce, recover_private_key ├── tests/ # Integration tests │ ├── integration.rs # CLI command tests │ └── fixtures/ # JSON/CSV test data ├── justfile # Task automation (just test, just build, etc.) ├── Cargo.toml # Package metadata, dependencies, features ├── Cargo.lock # Locked dependency tree (tracked in git) ├── PKGBUILD # Arch Linux package definition ├── CHANGELOG.md # Auto-generated version history └── CONTRIBUTING.md # Contribution guidelines ``` -------------------------------- ### Format Code Source: https://deepwiki.com/oritwoen/vusi/6-development-guide Maintain consistent code style by formatting the project with cargo fmt. ```bash cargo fmt ``` -------------------------------- ### vusi analyze Command Structure Source: https://deepwiki.com/oritwoen/vusi/9-reference Shows the basic syntax for the 'analyze' command, specifying the input source and available options for attack selection and configuration. ```bash vusi analyze [INPUT] [OPTIONS] ``` -------------------------------- ### Build Vusi for Release Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Compiles the Vusi project in release mode with optimizations. This produces a faster, smaller binary located in 'target/release/vusi'. ```bash cargo build --release ``` -------------------------------- ### Use NonceReuseAttack Source: https://deepwiki.com/oritwoen/vusi/3-library-api Demonstrates how to instantiate and use the NonceReuseAttack. This attack is always available. ```rust use vusi::attack::{Attack, NonceReuseAttack}; let attack = NonceReuseAttack; println!("Attack: {}", attack.name()); println!("Minimum signatures: {}", attack.min_signatures()); ``` -------------------------------- ### Using anyhow::bail! for Custom Errors Source: https://deepwiki.com/oritwoen/vusi/7.2-data-flow-pipeline Demonstrates how to use `anyhow::bail!` to create and return custom errors for specific scenarios, such as an unknown attack parameter. This is typically used when a specific condition is met that prevents further processing. ```rust use anyhow::{bail, Context, Result}; fn select_attack(attack_name: &str) -> Result { match attack_name { "polynonce" => Ok(AttackType::Polynonce), "biased-nonce" => Ok(AttackType::BiasedNonce), // ... other attacks _ => bail!("Unknown attack: {}", attack_name), }.context("Failed to select attack") } fn main() { let attack_name = "invalid-attack"; match select_attack(attack_name) { Ok(attack) => println!("Selected attack: {:?}", attack), Err(e) => eprintln!("Error: {}", e), } } ``` -------------------------------- ### Development Tool Stack Source: https://deepwiki.com/oritwoen/vusi/6-development-guide This section lists the primary development tools and key project files used in VUSI. The 'justfile' is central to task automation. ```markdown ### Development Tool Stack ``` ``` **Sources:** 1-51 ### Key Development Files File| Purpose ---|--- `justfile`| Task automation - defines commands for testing, building, linting, and releasing `CONTRIBUTING.md`| Basic contribution guidelines for external contributors `.gitignore`| Excludes build artifacts, IDE files, and OS-specific files from version control `Cargo.toml`| Project metadata, dependencies, and build configuration `Cargo.lock`| Locked dependency versions for reproducible builds `CHANGELOG.md`| Auto-generated version history using conventional commits **Sources:** 1-51 1-36 1-19 ``` -------------------------------- ### Importing Core Types from Crate Root Source: https://deepwiki.com/oritwoen/vusi/3.1-core-concepts Import key types like Attack, Signature, and SignatureInput directly from the crate root for easier access. ```rust use vusi::{Attack, Signature, SignatureInput}; ``` -------------------------------- ### Scripting with vusi Exit Codes Source: https://deepwiki.com/oritwoen/vusi/2-cli-user-guide Demonstrates how to use bash scripting to check the exit code of a vusi analysis and take appropriate actions. ```bash #!/bin/bash vusi analyze signatures.json exit_code=$? if [ $exit_code -eq 0 ]; then echo "No vulnerabilities found - signatures are safe" elif [ $exit_code -eq 1 ]; then echo "WARNING: Vulnerabilities detected!" # Take action: alert, quarantine, etc. else echo "Error analyzing signatures" exit 1 fi ``` -------------------------------- ### Initialize HashMap for Signature Grouping Source: https://deepwiki.com/oritwoen/vusi/4.4-signature-data-model Initializes a HashMap to store signature groups based on the 'r' component and optional public key. This is the first step in the grouping algorithm. ```rust use std::collections::HashMap; use k256::Scalar; use crate::Signature; let mut groups: HashMap<([u8; 32], Option), Vec> = HashMap::new(); ``` -------------------------------- ### vusi analyze Command: Biased Nonce Attack Source: https://deepwiki.com/oritwoen/vusi/9-reference Shows how to select the 'biased-nonce' attack for analysis. ```bash vusi analyze --attack biased-nonce [INPUT] ``` -------------------------------- ### Enable JSON output and redirect to file Source: https://deepwiki.com/oritwoen/vusi/2-cli-user-guide Enables JSON output for programmatic processing and redirects the results to a specified file. ```bash vusi analyze signatures.json --json > results.json ``` -------------------------------- ### Calling the Detect Method Source: https://deepwiki.com/oritwoen/vusi/7.2-data-flow-pipeline Demonstrates how to call the `detect` method on an attack trait object to find vulnerabilities within a set of signatures. ```rust let vulns = attack.detect(&signatures); ``` -------------------------------- ### vusi analyze Command: Polynonce Attack Source: https://deepwiki.com/oritwoen/vusi/9-reference Demonstrates how to specify the 'polynonce' attack for the 'analyze' command. ```bash vusi analyze --attack polynonce [INPUT] ``` -------------------------------- ### Analyze signatures from stdin Source: https://deepwiki.com/oritwoen/vusi/9-reference Pipe signature data to Vusi for analysis. ```bash cat sigs.json | vusi analyze ``` -------------------------------- ### Run Tests with Features Source: https://deepwiki.com/oritwoen/vusi/8-contributing Execute tests while enabling specific Cargo features. This allows testing different configurations of the project. ```bash cargo test --features polynonce ``` -------------------------------- ### Clone Vusi Repository Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Clones the Vusi source code repository from GitHub. This is the first step for building from source. ```bash git clone https://github.com/oritwoen/vusi.git cd vusi ``` -------------------------------- ### Core Functions in math.rs Source: https://deepwiki.com/oritwoen/vusi/5.1-scalar-arithmetic Reference for core mathematical functions including parsing, conversion, and modular arithmetic. ```Rust Function| Purpose| Returns ---|---|--- `parse_scalar_decimal_strict`| Parse and validate decimal strings| `Result` `scalar_to_decimal_string`| Convert scalar to decimal string| `String` `mod_inverse`| Compute modular inverse| `Option` `recover_nonce`| Recover nonce from two signatures| `Option` `recover_private_key`| Recover private key from signature + nonce| `Option` ``` -------------------------------- ### Build Vusi for Development Source: https://deepwiki.com/oritwoen/vusi/1.1-installation Compiles the Vusi project in debug mode for rapid iteration during development. The binary will be located in 'target/debug/vusi'. ```bash cargo build ``` -------------------------------- ### Analyze Signatures for Nonce Reuse Source: https://deepwiki.com/oritwoen/vusi/2-cli-user-guide Use this command to analyze signatures for the default nonce reuse vulnerability. ```bash vusi analyze signatures.json --attack nonce-reuse ``` -------------------------------- ### Build Vusi with Biased Nonce Attack Feature Source: https://deepwiki.com/oritwoen/vusi/4-attack-types Enable the Biased Nonce attack by building the Vusi project with the 'biased-nonce' feature flag. ```bash cargo build --features biased-nonce ``` -------------------------------- ### Analyze with Windowed LLL reduction Source: https://deepwiki.com/oritwoen/vusi/9-reference Apply the Windowed LLL reduction algorithm for biased nonce attacks. ```bash vusi analyze --attack biased-nonce --reduction windowed-lll --window-block-size 30 sigs.json ``` -------------------------------- ### Key Recovery from Vulnerabilities Source: https://deepwiki.com/oritwoen/vusi/9-reference After detecting vulnerabilities, this pattern shows how to recover the private key associated with each vulnerability. Requires a successful detection first. ```rust use vusi::attack::{Attack, NonceReuseAttack};   let attack = NonceReuseAttack; let vulnerabilities = attack.detect(&signatures);   for vuln in vulnerabilities { if let Some(key) = attack.recover(&vuln) { println!("Private Key (decimal): {}", key.private_key_decimal); println!("Private Key (hex): {:x}", key.private_key); } } ``` -------------------------------- ### Signature Module Core Types Source: https://deepwiki.com/oritwoen/vusi/3-library-api Illustrates the core data structures defined in the signature module. These are typically created via provider::load_signatures() and returned by Attack::detect() and Attack::recover(). ```rust use vusi::signature::{Signature, Vulnerability, RecoveredKey}; // Signatures are typically created via provider::load_signatures() // Vulnerability is returned from Attack::detect() // RecoveredKey is returned from Attack::recover() ``` -------------------------------- ### Implement `min_signatures()` Method Source: https://deepwiki.com/oritwoen/vusi/6.3-adding-new-attacks Return the minimum number of signatures required for your attack to function. This is typically 2 for attacks requiring signature pairs. ```rust fn min_signatures(&self) -> usize { 2 // For attacks requiring signature pairs } ``` -------------------------------- ### Create Feature Branch Source: https://deepwiki.com/oritwoen/vusi/8-contributing Create a new branch for your feature or bug fix with a descriptive name. ```bash git checkout -b feature/my-change ``` -------------------------------- ### Load Signatures Function Source: https://deepwiki.com/oritwoen/vusi/7.2-data-flow-pipeline Handles reading raw data from either a file path or standard input. It delegates parsing logic to `parse_signatures()`. ```rust fn load_signatures(input: &str) -> Result { let mut buf = String::new(); match input { "-" => io::stdin().read_to_string(&mut buf)?, _ => { let mut file = fs::File::open(input)?; file.read_to_string(&mut buf)?; } } Ok(buf) } ``` -------------------------------- ### vusi analyze Command: Biased Nonce with Windowed LLL Reduction Source: https://deepwiki.com/oritwoen/vusi/9-reference Employs 'windowed-lll' reduction with specified block size and rounds for the 'biased-nonce' attack. ```bash vusi analyze --attack biased-nonce --reduction windowed-lll --window-block-size 30 --window-rounds 4 [INPUT] ``` -------------------------------- ### SignatureInput to Signature Conversion Logic Source: https://deepwiki.com/oritwoen/vusi/7-architecture This snippet demonstrates the conversion from SignatureInput to Signature, enforcing canonical decimal representation, values strictly less than the curve order, non-zero r and s components, and normalized public keys. This conversion acts as the boundary between untrusted I/O and trusted domain objects. ```Rust impl TryFrom for Signature { type Error = anyhow::Error; fn try_from(value: SignatureInput) -> Result { let r = parse_scalar_decimal_strict(&value.r)?; let s = parse_scalar_decimal_strict(&value.s)?; let z = parse_scalar_decimal_strict(&value.z)?; let pubkey = match value.pubkey { Some(pk) => { let pk = pk.strip_prefix("0x").unwrap_or(&pk); Some(pk.to_ascii_lowercase()) } None => None, }; Ok(Signature { r, s, z, pubkey, }) } } ``` -------------------------------- ### vusi analyze Command: Polynonce with Custom Degree Source: https://deepwiki.com/oritwoen/vusi/9-reference Configures the 'polynonce' attack with a specific polynomial degree. ```bash vusi analyze --attack polynonce --degree 2 [INPUT] ``` -------------------------------- ### vusi analyze Command: Biased Nonce with Max Samples Source: https://deepwiki.com/oritwoen/vusi/9-reference Limits the number of signatures sampled for the 'biased-nonce' attack. ```bash vusi analyze --attack biased-nonce --max-samples 1000 [INPUT] ``` -------------------------------- ### Quick Compile Check Source: https://deepwiki.com/oritwoen/vusi/6-development-guide Perform a fast compilation check without generating an executable. Requires `just`. ```bash just check ``` -------------------------------- ### Lint Code with Warnings Denied Source: https://deepwiki.com/oritwoen/vusi/6-development-guide Ensure code adheres to quality standards by running the linter and denying all warnings. ```bash cargo clippy -D warnings ``` -------------------------------- ### Check Code Formatting Source: https://deepwiki.com/oritwoen/vusi/8-contributing Verify code formatting without modifying files. This is a check to ensure adherence to rustfmt standards. ```bash cargo fmt -- --check ``` -------------------------------- ### vusi analyze Command: Biased Nonce with LLL Reduction Source: https://deepwiki.com/oritwoen/vusi/9-reference Uses the 'lll' reduction method for the 'biased-nonce' attack. ```bash vusi analyze --attack biased-nonce --reduction lll [INPUT] ``` -------------------------------- ### Implement `recover()` Method for Nonce Reuse Attack Source: https://deepwiki.com/oritwoen/vusi/6.3-adding-new-attacks Attempts to recover the private key from a detected vulnerability by trying all pairs of signatures until one succeeds. ```rust fn recover(&self, vuln: &Vulnerability) -> Option { let sigs = &vuln.group.signatures; if sigs.len() < 2 { return None; } for i in 0..sigs.len() { for j in (i + 1)..sigs.len() { if let Some(key) = try_recover_pair(&sigs[i], &sigs[j], &vuln.group.pubkey) { return Some(key); } } } None } ``` -------------------------------- ### Build Signature Groups and Calculate Confidence Source: https://deepwiki.com/oritwoen/vusi/4.4-signature-data-model Processes the HashMap entries to reconstruct Scalar 'r' values, calculate confidence based on public key presence, and create SignatureGroup objects. ```rust for (r_bytes, pubkey) in groups.keys() { let r = Scalar::from_bytes(r_bytes).expect("Invalid r bytes"); let confidence = pubkey.is_some(); // ... create SignatureGroup ... } ``` -------------------------------- ### Analyze with Polynonce attack Source: https://deepwiki.com/oritwoen/vusi/9-reference Execute the Polynonce attack with a specified degree. ```bash vusi analyze --attack polynonce --degree 2 sigs.json ``` -------------------------------- ### Key Recovery Loop Source: https://deepwiki.com/oritwoen/vusi/7.2-data-flow-pipeline Illustrates the loop that iterates over detected vulnerabilities and calls the `recover` method on the attack trait object to attempt private key recovery. ```rust attack.recover() ``` -------------------------------- ### vusi analyze Command: Biased Nonce with Known Bits Source: https://deepwiki.com/oritwoen/vusi/9-reference Sets the number of known bits for the 'biased-nonce' attack. ```bash vusi analyze --attack biased-nonce --known-bits 16 [INPUT] ``` -------------------------------- ### Load Signatures from Stdin Source: https://deepwiki.com/oritwoen/vusi/3-library-api Loads signature data from standard input. Use '-' as the path to indicate stdin. The function automatically detects JSON or CSV format. ```rust use vusi::provider::load_signatures; // Load from stdin let signatures = load_signatures("-")?; ``` -------------------------------- ### Using Feature-Gated Attacks (Biased Nonce) Source: https://deepwiki.com/oritwoen/vusi/9-reference Shows how to use the BiasedNonceAttack, which requires the 'biased-nonce' feature flag. Configures the attack with bias type, known bits, and reduction algorithm. ```rust #[cfg(feature = "biased-nonce")] use vusi::attack::BiasedNonceAttack; use vusi::attack::biased_nonce::{BiasType, ReductionAlgorithm};   #[cfg(feature = "biased-nonce")] { let attack = BiasedNonceAttack::new( BiasType::Lsb, 8, // known bits ReductionAlgorithm::Lll, None, // max_samples ); let vulnerabilities = attack.detect(&signatures); } ``` -------------------------------- ### Cargo.toml Dependencies for Vusi Source: https://deepwiki.com/oritwoen/vusi/9-reference Add these lines to your Cargo.toml file to include Vusi with specific features enabled. ```toml [dependencies] vusi = { version = "x.y.z", features = ["polynonce", "biased-nonce"] } ``` -------------------------------- ### Process signatures from standard input (stdin) Source: https://deepwiki.com/oritwoen/vusi/2-cli-user-guide Processes signatures from standard input, which is the default behavior when no input file is specified. The input argument defaults to "-". ```bash echo '[{"r":"...","s":"...","z":"..."}]' | vusi analyze ``` ```bash cat signatures.json | vusi analyze ``` ```bash vusi analyze < signatures.json ``` -------------------------------- ### Underlying Operation for `just changelog` Source: https://deepwiki.com/oritwoen/vusi/6-development-guide The command executed by `just changelog` to generate the changelog file. ```bash git cliff -o CHANGELOG.md ``` -------------------------------- ### Early Return on Insufficient Signatures Source: https://deepwiki.com/oritwoen/vusi/6.3-adding-new-attacks Implement an early return mechanism in the `recover` function if the number of available signatures is less than the minimum required. ```rust fn recover(&self, vuln: &Vulnerability) -> Option { let sigs = &vuln.group.signatures; if sigs.len() < self.min_signatures() { return None; } // ... recovery logic } ```