merge SharePackage into SecretShare
This commit is contained in:
Conrado Gouvea
Deirdre Connolly
parent
0b2328cc94
commit
28be955e38
|
|
@ -233,13 +233,17 @@ pub struct VerifiableSecretSharingCommitment<C: Ciphersuite>(
|
|||
pub(super) Vec<CoefficientCommitment<C>>,
|
||||
);
|
||||
|
||||
/// A secret share generated by performing a (t-out-of-n) secret sharing scheme.
|
||||
/// A secret share generated by performing a (t-out-of-n) secret sharing scheme,
|
||||
/// generated by a dealer performing [`keygen_with_dealer`].
|
||||
///
|
||||
/// `n` is the total number of shares and `t` is the threshold required to reconstruct the secret;
|
||||
/// in this case we use Shamir's secret sharing.
|
||||
///
|
||||
/// As a solution to the secret polynomial _f_ (a 'point'), the `identifier` is the x-coordinate, and the
|
||||
/// `value` is the y-coordinate.
|
||||
///
|
||||
/// To derive a FROST keypair, the receiver of the [`SecretShare`] *must* call
|
||||
/// .into(), which under the hood also performs validation.
|
||||
#[derive(Clone, Zeroize)]
|
||||
pub struct SecretShare<C: Ciphersuite> {
|
||||
/// The participant identifier of this [`SecretShare`].
|
||||
|
|
@ -298,19 +302,6 @@ where
|
|||
}
|
||||
}
|
||||
|
||||
/// Secret and public key material generated by a dealer performing
|
||||
/// [`keygen_with_dealer`].
|
||||
///
|
||||
/// To derive a FROST keypair, the receiver of the [`SharePackage`] *must* call
|
||||
/// .into(), which under the hood also performs validation.
|
||||
#[derive(Clone)]
|
||||
pub struct SharePackage<C: Ciphersuite> {
|
||||
/// Denotes the participant identifier each share is owned by.
|
||||
pub identifier: Identifier<C>,
|
||||
/// This participant's secret share.
|
||||
pub secret_share: SecretShare<C>,
|
||||
}
|
||||
|
||||
/// Allows all participants' keys to be generated using a central, trusted
|
||||
/// dealer.
|
||||
///
|
||||
|
|
@ -327,7 +318,7 @@ pub fn keygen_with_dealer<C: Ciphersuite, R: RngCore + CryptoRng>(
|
|||
num_signers: u8,
|
||||
threshold: u8,
|
||||
mut rng: R,
|
||||
) -> Result<(Vec<SharePackage<C>>, PublicKeyPackage<C>), &'static str> {
|
||||
) -> Result<(Vec<SecretShare<C>>, PublicKeyPackage<C>), &'static str> {
|
||||
let mut bytes = [0; 64];
|
||||
rng.fill_bytes(&mut bytes);
|
||||
|
||||
|
|
@ -337,23 +328,16 @@ pub fn keygen_with_dealer<C: Ciphersuite, R: RngCore + CryptoRng>(
|
|||
let coefficients = generate_coefficients::<C, R>(threshold as usize - 1, rng);
|
||||
|
||||
let secret_shares = generate_secret_shares(&secret, num_signers, threshold, coefficients)?;
|
||||
let mut share_packages: Vec<SharePackage<C>> = Vec::with_capacity(num_signers as usize);
|
||||
let mut signer_pubkeys: HashMap<Identifier<C>, VerifyingShare<C>> =
|
||||
HashMap::with_capacity(num_signers as usize);
|
||||
|
||||
for secret_share in secret_shares {
|
||||
for secret_share in &secret_shares {
|
||||
let signer_public = secret_share.value.into();
|
||||
|
||||
share_packages.push(SharePackage {
|
||||
identifier: secret_share.identifier,
|
||||
secret_share: secret_share.clone(),
|
||||
});
|
||||
|
||||
signer_pubkeys.insert(secret_share.identifier, signer_public);
|
||||
}
|
||||
|
||||
Ok((
|
||||
share_packages,
|
||||
secret_shares,
|
||||
PublicKeyPackage {
|
||||
signer_pubkeys,
|
||||
group_public,
|
||||
|
|
@ -364,7 +348,7 @@ pub fn keygen_with_dealer<C: Ciphersuite, R: RngCore + CryptoRng>(
|
|||
/// A FROST keypair, which can be generated either by a trusted dealer or using
|
||||
/// a DKG.
|
||||
///
|
||||
/// When using a central dealer, [`SharePackage`]s are distributed to
|
||||
/// When using a central dealer, [`SecretShare`]s are distributed to
|
||||
/// participants, who then perform verification, before deriving
|
||||
/// [`KeyPackage`]s, which they store to later use during signing.
|
||||
#[derive(Clone)]
|
||||
|
|
@ -404,7 +388,7 @@ where
|
|||
}
|
||||
}
|
||||
|
||||
impl<C> TryFrom<SharePackage<C>> for KeyPackage<C>
|
||||
impl<C> TryFrom<SecretShare<C>> for KeyPackage<C>
|
||||
where
|
||||
C: Ciphersuite,
|
||||
{
|
||||
|
|
@ -412,18 +396,18 @@ where
|
|||
|
||||
/// Tries to verify a share and construct a [`KeyPackage`] from it.
|
||||
///
|
||||
/// When participants receive a [`SharePackage`] from the dealer, they
|
||||
/// When participants receive a [`SecretShare`] from the dealer, they
|
||||
/// *MUST* verify the integrity of the share before continuing on to
|
||||
/// transform it into a signing/verification keypair. Here, we assume that
|
||||
/// every participant has the same view of the commitment issued by the
|
||||
/// dealer, but implementations *MUST* make sure that all participants have
|
||||
/// a consistent view of this commitment in practice.
|
||||
fn try_from(share_package: SharePackage<C>) -> Result<Self, &'static str> {
|
||||
let (public, group_public) = share_package.secret_share.verify()?;
|
||||
fn try_from(secret_share: SecretShare<C>) -> Result<Self, &'static str> {
|
||||
let (public, group_public) = secret_share.verify()?;
|
||||
|
||||
Ok(KeyPackage {
|
||||
identifier: share_package.identifier,
|
||||
secret_share: share_package.secret_share.value,
|
||||
identifier: secret_share.identifier,
|
||||
secret_share: secret_share.value,
|
||||
public,
|
||||
group_public,
|
||||
})
|
||||
|
|
|
|||
|
|
@ -121,7 +121,7 @@ pub fn check_sign_with_dealer<C: Ciphersuite, R: RngCore + CryptoRng>(mut rng: R
|
|||
.is_ok());
|
||||
|
||||
// Check that the threshold signature can be verified by the group public
|
||||
// key (the verification key) from SharePackage.group_public
|
||||
// key (the verification key) from KeyPackage.group_public
|
||||
for (participant_identifier, _) in nonces.clone() {
|
||||
let key_package = key_packages.get(&participant_identifier).unwrap();
|
||||
|
||||
|
|
|
|||
|
|
@ -237,12 +237,12 @@ pub mod keys {
|
|||
num_signers: u8,
|
||||
threshold: u8,
|
||||
mut rng: RNG,
|
||||
) -> Result<(Vec<SharePackage>, PublicKeyPackage), &'static str> {
|
||||
) -> Result<(Vec<SecretShare>, PublicKeyPackage), &'static str> {
|
||||
frost::keys::keygen_with_dealer(num_signers, threshold, &mut rng)
|
||||
}
|
||||
|
||||
///
|
||||
pub type SharePackage = frost::keys::SharePackage<P>;
|
||||
pub type SecretShare = frost::keys::SecretShare<P>;
|
||||
|
||||
///
|
||||
pub type KeyPackage = frost::keys::KeyPackage<P>;
|
||||
|
|
|
|||
|
|
@ -215,7 +215,7 @@ pub mod keys {
|
|||
num_signers: u8,
|
||||
threshold: u8,
|
||||
mut rng: RNG,
|
||||
) -> Result<(Vec<SharePackage>, PublicKeyPackage), &'static str> {
|
||||
) -> Result<(Vec<SecretShare>, PublicKeyPackage), &'static str> {
|
||||
frost::keys::keygen_with_dealer(num_signers, threshold, &mut rng)
|
||||
}
|
||||
|
||||
|
|
@ -224,14 +224,14 @@ pub mod keys {
|
|||
///
|
||||
/// # Security
|
||||
///
|
||||
/// To derive a FROST(ristretto255, SHA-512) keypair, the receiver of the [`SharePackage`] *must* call
|
||||
/// To derive a FROST(ristretto255, SHA-512) keypair, the receiver of the [`SecretShare`] *must* call
|
||||
/// .into(), which under the hood also performs validation.
|
||||
pub type SharePackage = frost::keys::SharePackage<R>;
|
||||
pub type SecretShare = frost::keys::SecretShare<R>;
|
||||
|
||||
/// A FROST(ristretto255, SHA-512) keypair, which can be generated either by a trusted dealer or using
|
||||
/// a DKG.
|
||||
///
|
||||
/// When using a central dealer, [`SharePackage`]s are distributed to
|
||||
/// When using a central dealer, [`SecretShare`]s are distributed to
|
||||
/// participants, who then perform verification, before deriving
|
||||
/// [`KeyPackage`]s, which they store to later use during signing.
|
||||
pub type KeyPackage = frost::keys::KeyPackage<R>;
|
||||
|
|
|
|||
Loading…
Reference in New Issue