add H5; update to V8 (#137)

* add H5; update to V8 * Link H4 * Link H5 Co-authored-by: Deirdre Connolly <durumcrustulum@gmail.com>
2022-10-03 05:31:58 -03:00 · 2022-10-03 05:31:58 -03:00 · 45d16cb801
parent 897b8bd8c9
commit 45d16cb801
9 changed files with 150 additions and 98 deletions
--- a/frost-core/src/frost.rs
+++ b/frost-core/src/frost.rs
@ -233,9 +233,9 @@ where
    pub fn rho_preimages(&self) -> Vec<(Identifier<C>, Vec<u8>)> {
        let mut rho_input_prefix = vec![];

-        rho_input_prefix.extend_from_slice(C::H3(self.message.as_slice()).as_ref());
+        rho_input_prefix.extend_from_slice(C::H4(self.message.as_slice()).as_ref());
        rho_input_prefix.extend_from_slice(
-            C::H3(&round1::encode_group_commitments(self.signing_commitments())[..]).as_ref(),
+            C::H5(&round1::encode_group_commitments(self.signing_commitments())[..]).as_ref(),
        );

        self.signing_commitments()
--- a/frost-core/src/frost/round1.rs
+++ b/frost-core/src/frost/round1.rs
@ -42,7 +42,7 @@ where
            .cloned()
            .collect();

-        Self(C::H4(input.as_slice()))
+        Self(C::H3(input.as_slice()))
    }

    /// Deserialize [`Nonce`] from bytes
--- a/frost-core/src/lib.rs
+++ b/frost-core/src/lib.rs
@ -183,19 +183,26 @@ pub trait Ciphersuite: Copy + Clone + PartialEq {
    /// [H2]: https://github.com/cfrg/draft-irtf-cfrg-frost/blob/master/draft-irtf-cfrg-frost.md#cryptographic-hash
    fn H2(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar;

-    /// H3 for a FROST ciphersuite.
-    ///
-    /// Usually an an alias for the ciphersuite hash function _H_ with domain separation applied.
-    ///
-    /// [spec]: https://github.com/cfrg/draft-irtf-cfrg-frost/blob/master/draft-irtf-cfrg-frost.md#cryptographic-hash
-    fn H3(m: &[u8]) -> Self::HashOutput;
-
-    /// [H4] for a FROST ciphersuite.
+    /// [H3] for a FROST ciphersuite.
    ///
    /// Maps arbitrary inputs to non-zero `Self::Scalar` elements of the prime-order group scalar field.
    ///
+    /// [H3]: https://github.com/cfrg/draft-irtf-cfrg-frost/blob/master/draft-irtf-cfrg-frost.md#cryptographic-hash
+    fn H3(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar;
+
+    /// [H4] for a FROST ciphersuite.
+    ///
+    /// Usually an an alias for the ciphersuite hash function _H_ with domain separation applied.
+    ///
    /// [H4]: https://github.com/cfrg/draft-irtf-cfrg-frost/blob/master/draft-irtf-cfrg-frost.md#cryptographic-hash
-    fn H4(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar;
+    fn H4(m: &[u8]) -> Self::HashOutput;
+
+    /// [H5] for a FROST ciphersuite.
+    ///
+    /// Usually an an alias for the ciphersuite hash function _H_ with domain separation applied.
+    ///
+    /// [H5]: https://github.com/cfrg/draft-irtf-cfrg-frost/blob/master/draft-irtf-cfrg-frost.md#cryptographic-hash
+    fn H5(m: &[u8]) -> Self::HashOutput;

    /// Verify a signature for this ciphersuite. The default implementation uses the "cofactored"
    /// equation (it multiplies by the cofactor returned by [`Group::cofactor()`]).
--- a/frost-core/tests/common/ciphersuite.rs
+++ b/frost-core/tests/common/ciphersuite.rs
@ -101,7 +101,7 @@ impl Group for RistrettoGroup {
 /// Context string 'FROST-RISTRETTO255-SHA512-v5' from the ciphersuite in the [spec]
 ///
 /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-05.html#section-6.2-1
-const CONTEXT_STRING: &str = "FROST-RISTRETTO255-SHA512-v5";
+const CONTEXT_STRING: &str = "FROST-RISTRETTO255-SHA512-v8";

 #[derive(Clone, Copy, PartialEq, Eq)]
 pub struct Ristretto255Sha512;
@ -143,19 +143,8 @@ impl Ciphersuite for Ristretto255Sha512 {

    /// H3 for FROST(ristretto255, SHA-512)
    ///
-    /// [spec]: https://github.com/cfrg/draft-irtf-cfrg-frost/blob/master/draft-irtf-cfrg-frost.md#cryptographic-hash-function-dep-hash
-    fn H3(m: &[u8]) -> Self::HashOutput {
-        let h = Sha512::new()
-            .chain(CONTEXT_STRING.as_bytes())
-            .chain("digest")
-            .chain(m);
-
-        let mut output = [0u8; 64];
-        output.copy_from_slice(h.finalize().as_slice());
-        output
-    }
-
-    fn H4(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar {
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-05.html#name-frostristretto255-sha-512
+    fn H3(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar {
        let h = Sha512::new()
            .chain(CONTEXT_STRING.as_bytes())
            .chain("nonce")
@ -165,6 +154,34 @@ impl Ciphersuite for Ristretto255Sha512 {
        output.copy_from_slice(h.finalize().as_slice());
        <<Self::Group as Group>::Field as Field>::Scalar::from_bytes_mod_order_wide(&output)
    }
+
+    /// H4 for FROST(ristretto255, SHA-512)
+    ///
+    /// [spec]: https://github.com/cfrg/draft-irtf-cfrg-frost/blob/master/draft-irtf-cfrg-frost.md#cryptographic-hash-function-dep-hash
+    fn H4(m: &[u8]) -> Self::HashOutput {
+        let h = Sha512::new()
+            .chain(CONTEXT_STRING.as_bytes())
+            .chain("msg")
+            .chain(m);
+
+        let mut output = [0u8; 64];
+        output.copy_from_slice(h.finalize().as_slice());
+        output
+    }
+
+    /// H5 for FROST(ristretto255, SHA-512)
+    ///
+    /// [spec]: https://github.com/cfrg/draft-irtf-cfrg-frost/blob/master/draft-irtf-cfrg-frost.md#cryptographic-hash-function-dep-hash
+    fn H5(m: &[u8]) -> Self::HashOutput {
+        let h = Sha512::new()
+            .chain(CONTEXT_STRING.as_bytes())
+            .chain("com")
+            .chain(m);
+
+        let mut output = [0u8; 64];
+        output.copy_from_slice(h.finalize().as_slice());
+        output
+    }
 }

 #[test]
--- a/frost-core/tests/common/vectors.json
+++ b/frost-core/tests/common/vectors.json
@ -27,20 +27,20 @@
    "participants": "1,3",
    "signers": {
      "1": {
-        "hiding_nonce": "eb0dc12ae7b746d36e3f2de46ce3833a05b9d4af5434eeb8cafaefda76906d00",
-        "binding_nonce": "491e91aa9df514ef598d5e0c7c5cdd088fbde4965b96069d546c0f04f1822b03",
-        "hiding_nonce_commitment": "c6fe28df6a13f2ea80a911dd7a284e4b185bc8d3e3102adaf88807a5e3d3813c",
-        "binding_nonce_commitment": "a413722bcfc71ba044bb2846b814401e60fed6b2fc5bfb25f5a49e63474b7011",
-        "binding_factor_input": "678630bf982c566949d7f22d2aefb94f252c664216d332f34e2c8fdcd7045f207f854504d0daa534a5b31dbdf4183be30eb4fdba4f962d8a6b69cf20c2734043c229faa47541463641bcc7c23a4576d74e536dea0d7f7ae6e2c8461a63f4fe97599d8d83005d520a104f937ce3b8181281348fad246e1c0d89ed4cca7d522e750001",
-        "binding_factor": "2e81f15e28874f517b6d2023291e49000f71f998852b484aaef945000478ea05"
+        "hiding_nonce": "1eaee906e0554a5e533415e971eefa909f3c614c7c75e27f381b0270a9afe308",
+        "binding_nonce": "16175fc2e7545baf7180e8f5b6e1e73c4f2769323cc76754bdd79fe93ab0bd0b",
+        "hiding_nonce_commitment": "80d35700fda011d9e2b2fad4f237bf88f2978d954382dfd36a517ab0497a474f",
+        "binding_nonce_commitment": "40f0fecaf94e656b3f802ba9827fca9fa994c13c98a5ff257973f8bdbc733324",
+        "binding_factor_input": "fe9082dcc1ae1ae11380ac4cf0b6e2770af565ff5af9016254dc7c9d4869cbae0f6e4d94b23e5781b91bc74a25e0c773446b2640290d07c83f0b067ff870a80179b2d1262816a7a4fad96b747bd6b35ccf4a912a793c5701d54852db80904a767cbbd6e37377eec77f407b22890c01190995066cce59d88a14ac56ac40b3bdc90001",
+        "binding_factor": "c0f5ee2613c448137bae256a4e95d56deb8c59f934332c0c0041720b8819680f"
      },
      "3": {
-        "hiding_nonce": "abd12b8e6f255ee1e540eab029003a6e956567617720f61115f0941615892209",
-        "binding_nonce": "218e22625f93f262f025bd2d13c46ba722aa29fe585ceed66ff442d98fe4e509",
-        "hiding_nonce_commitment": "5450c4c98c3fc6bb579bded17fcdc23073d2ecfb761e3f9433cbc991e1496068",
-        "binding_nonce_commitment": "0ae0cf608fcba285ec1f6c84c955572c91a4fafcc1f1120f4f30b25e40fbcc0a",
-        "binding_factor_input": "678630bf982c566949d7f22d2aefb94f252c664216d332f34e2c8fdcd7045f207f854504d0daa534a5b31dbdf4183be30eb4fdba4f962d8a6b69cf20c2734043c229faa47541463641bcc7c23a4576d74e536dea0d7f7ae6e2c8461a63f4fe97599d8d83005d520a104f937ce3b8181281348fad246e1c0d89ed4cca7d522e750003",
-        "binding_factor": "240d5257c68e377c1994481081a8a4c4362b9e82e523088c30d91f8c2811890e"
+        "hiding_nonce": "48d78b8c2de1a515513f9d3fc464a19a72304fac522f17cc647706cb22c21403",
+        "binding_nonce": "5c0f10966b3f1386660a87de0fafd69decbe9ffae1a152a88b7d83bb4fb1c908",
+        "hiding_nonce_commitment": "20dec6ad0795f82009a1a94b6ad79f01a1e95ae8e308d8d8fae8285982308113",
+        "binding_nonce_commitment": "98437dafb20fdb18255464072bee514889aeeec324f149d49747143c3613056d",
+        "binding_factor_input": "fe9082dcc1ae1ae11380ac4cf0b6e2770af565ff5af9016254dc7c9d4869cbae0f6e4d94b23e5781b91bc74a25e0c773446b2640290d07c83f0b067ff870a80179b2d1262816a7a4fad96b747bd6b35ccf4a912a793c5701d54852db80904a767cbbd6e37377eec77f407b22890c01190995066cce59d88a14ac56ac40b3bdc90003",
+        "binding_factor": "8ea449e545706bb3b42c66423005451457e4bb4dea2c2d0b1d157e6bb652ec09"
      }
    }
  },
@ -48,14 +48,14 @@
    "participants": "1,3",
    "signers": {
      "1": {
-        "sig_share": "efae3a83437fa8cd96194aacc56a7eb841630c280da99e7764a81d1340323306"
+        "sig_share": "5ae13621ebeef844e39454eb3478a50c4531d25939e1065f44f5b04a8535090e"
      },
      "3": {
-        "sig_share": "96ddc4582e45eabce46f07b9e9375f8b49d35d1510fd34ac02b1e79d6100a602"
+        "sig_share": "aa432dcf274a9441c205e76fe43497be99efe374f9853477bd5add2075f6970c"
      }
    }
  },
  "final_output": {
-    "sig": "7ec584cef9a383afb43883b73bcaa6313afe878bd5fe75a608311b866a76ec67858cffdb71c4928a7b895165afa2dd438b366a3d1da6d323675905b1a132d908"
+    "sig": "9c407badb8cacf10f306d94e31fb2a71d6a8398039802b4d80a127847239720617516e93f8d57a2ecffd43b83ab35db6de20b6ce32673bd601508e6bfa2ba10a"
  }
 }
--- a/frost-p256/src/lib.rs
+++ b/frost-p256/src/lib.rs
@ -137,7 +137,7 @@ impl Group for P256Group {
 /// Context string from the ciphersuite in the [spec]
 ///
 /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-05.html#section-6.4-1
-const CONTEXT_STRING: &str = "FROST-P256-SHA256-v5";
+const CONTEXT_STRING: &str = "FROST-P256-SHA256-v8";

 #[derive(Clone, Copy, PartialEq, Eq)]
 /// An implementation of the FROST ciphersuite FROST(P-256, SHA-256).
@ -174,11 +174,22 @@ impl Ciphersuite for P256Sha256 {

    /// H3 for FROST(P-256, SHA-256)
    ///
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-05.html#section-6.4-2.2.2.4
+    fn H3(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar {
+        let mut u = [P256ScalarField::zero()];
+        let dst = CONTEXT_STRING.to_owned() + "nonce";
+        hash_to_field::<ExpandMsgXmd<Sha256>, Scalar>(&[m], dst.as_bytes(), &mut u)
+            .expect("should never return error according to error cases described in ExpandMsgXmd");
+        u[0]
+    }
+
+    /// H4 for FROST(P-256, SHA-256)
+    ///
    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-05.html#section-6.4-2.2.2.3
-    fn H3(m: &[u8]) -> Self::HashOutput {
+    fn H4(m: &[u8]) -> Self::HashOutput {
        let h = Sha256::new()
            .chain(CONTEXT_STRING.as_bytes())
-            .chain("digest")
+            .chain("msg")
            .chain(m);

        let mut output = [0u8; 32];
@ -186,15 +197,18 @@ impl Ciphersuite for P256Sha256 {
        output
    }

-    /// H4 for FROST(P-256, SHA-256)
+    /// H5 for FROST(P-256, SHA-256)
    ///
-    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-05.html#section-6.4-2.2.2.4
-    fn H4(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar {
-        let mut u = [P256ScalarField::zero()];
-        let dst = CONTEXT_STRING.to_owned() + "nonce";
-        hash_to_field::<ExpandMsgXmd<Sha256>, Scalar>(&[m], dst.as_bytes(), &mut u)
-            .expect("should never return error according to error cases described in ExpandMsgXmd");
-        u[0]
+    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-05.html#section-6.4-2.2.2.3
+    fn H5(m: &[u8]) -> Self::HashOutput {
+        let h = Sha256::new()
+            .chain(CONTEXT_STRING.as_bytes())
+            .chain("com")
+            .chain(m);
+
+        let mut output = [0u8; 32];
+        output.copy_from_slice(h.finalize().as_slice());
+        output
    }
 }

--- a/frost-p256/src/tests/vectors.json
+++ b/frost-p256/src/tests/vectors.json
@ -27,20 +27,20 @@
    "participants": "1,3",
    "signers": {
      "1": {
-        "hiding_nonce": "33a519cf070a166f9ef41a798d03423743f3e7d0b0efd5d0d963773c4c53205e",
-        "binding_nonce": "307d208d0c5728f323ae374f1ebd7f14a1a49b77d9d4bc1eab222218a17765ff",
-        "hiding_nonce_commitment": "021e5c8b286dc859314eb1c0a2024a2077ad49b603112dd7bfaf326591d3fab332",
-        "binding_nonce_commitment": "039431f230cf2bd90ad556a7f3d6b5a5686efd194c863356628d7296c2a3fa5900",
-        "binding_factor_input": "7a753fed12531fbcd151e1d84702927c39063e780e91c01f02bd11b60d7632bf44df5a9e0d49f359549018a13a586b5ede02cadef80472f75d195b82160f43ea0001",
-        "binding_factor": "71f09a2c4a1fc2f7a1379102809b4ac3247837c532cc5cf0913782496c515655"
+        "hiding_nonce": "e9165dad654fc20a9e31ca6f32ac032ec327b551a50e8ac5cf25f5c4c9e20757",
+        "binding_nonce": "e9059a232598a0fba0e495a687580e624ab425337c3221246fb2c716905bc9e7",
+        "hiding_nonce_commitment": "0228df2e7f6c254b40a9f8853cf6c4f21eacbb6f0663027384966816b57e513304",
+        "binding_nonce_commitment": "02f5b7f48786f8b83ebefed6249825650c4fa657da66ae0da1b2613dedbe122ec8",
+        "binding_factor_input": "3617acb73b44df565fbcbbbd1824142c473ad1d6c8007c4b72a298d1eaae5766b730d2e6594ea697a5971f15e989ac47ecc015692ad88b615a41e652a306c7e50001",
+        "binding_factor": "95f987c0ab590507a8c4deaf506ffc182d3626e30386306f7ab3aaf0b0013cd3"
      },
      "3": {
-        "hiding_nonce": "a614eadb972dc37b88aeceb6e899903f3104742d13f379a0e014541decbea4a4",
-        "binding_nonce": "e509791018504c5bb87edaf0f44761cc840888507c4cd80237971d78e65f70f2",
-        "hiding_nonce_commitment": "0282308b1a22eb8efa13d4655f795f1cbf6525d8863ac0d60c4e164b7436d41778",
-        "binding_nonce_commitment": "036549bda4158ec5f76611275360a57e6ad5007d6c072462feb42c8f2a25ec94ea",
-        "binding_factor_input": "7a753fed12531fbcd151e1d84702927c39063e780e91c01f02bd11b60d7632bf44df5a9e0d49f359549018a13a586b5ede02cadef80472f75d195b82160f43ea0003",
-        "binding_factor": "57a1061da0837cc0cd7e901a1d33f46efa18af9c3e6468cca88edd2d4a16e78d"
+        "hiding_nonce": "b9d136e29eb758bd77cb83c317ac4e336cf8cda830c089deddf6d5ec81da9884",
+        "binding_nonce": "5261e2d00ce227e67bb9b38990294e2c82970f335b2e6d9f1d07a72ba43d01f0",
+        "hiding_nonce_commitment": "02f87bd95ab5e08ea292a96e21caf9bdc5002ebf6e3ce14f922817d26a4d08144d",
+        "binding_nonce_commitment": "0263cb513e347fcf8492c7f97843ed4c3797f2f3fe925b1e68f65fb90826fe9597",
+        "binding_factor_input": "3617acb73b44df565fbcbbbd1824142c473ad1d6c8007c4b72a298d1eaae5766b730d2e6594ea697a5971f15e989ac47ecc015692ad88b615a41e652a306c7e50003",
+        "binding_factor": "2f21db4f811b13f938a13b8f2633467d250703fe5bd63cd24f08bef6fd2f3c29"
      }
    }
  },
@ -48,14 +48,14 @@
    "participants": "1,3",
    "signers": {
      "1": {
-        "sig_share": "61e8b9c474df2e66ad19fd80a6e6cec1c6fe43c0a1cffd2d1c28299e93e1bbdb"
+        "sig_share": "bdaa275f10ca57e3a3a9a7a0d95aeabb517897d8482873a8f9713d458f94756f"
      },
      "3": {
-        "sig_share": "9651d355ca1dea2557ba1f73e38a9f4ff1f1afc565323ef27f88a9d14df8370e"
+        "sig_share": "0e8fd85386939e8974a8748e66641df0fe043323c52487a2b10b8a397897de21"
      }
    }
  },
  "final_output": {
-    "sig": "02dfba781e17b830229ae4ed22ebe402873683d9dfd945d01762217fb3172c2a71f83a8d1a3efd188c04d41cf48a716e11b8eff38607023c1f9bb0d36fe1d9f2e9"
+    "sig": "03c41521412528dce484c35b6b9b7cc8150102ab3e4bdf858d702270c05098e6c6cc39ffb2975df66d18521c2f3fbf08ac4f7ccafc0d4cfb4baa7cc77f082c5390"
  }
 }
--- a/frost-ristretto255/src/lib.rs
+++ b/frost-ristretto255/src/lib.rs
@ -110,7 +110,7 @@ impl Group for RistrettoGroup {
 /// Context string 'FROST-RISTRETTO255-SHA512-v5' from the ciphersuite in the [spec]
 ///
 /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-05.html#section-6.2-1
-const CONTEXT_STRING: &str = "FROST-RISTRETTO255-SHA512-v5";
+const CONTEXT_STRING: &str = "FROST-RISTRETTO255-SHA512-v8";

 #[derive(Clone, Copy, PartialEq, Eq)]
 /// An implementation of the FROST(ristretto255, SHA-512) ciphersuite.
@ -153,22 +153,8 @@ impl Ciphersuite for Ristretto255Sha512 {

    /// H3 for FROST(ristretto255, SHA-512)
    ///
-    /// [spec]: https://github.com/cfrg/draft-irtf-cfrg-frost/blob/master/draft-irtf-cfrg-frost.md#cryptographic-hash-function-dep-hash
-    fn H3(m: &[u8]) -> Self::HashOutput {
-        let h = Sha512::new()
-            .chain(CONTEXT_STRING.as_bytes())
-            .chain("digest")
-            .chain(m);
-
-        let mut output = [0u8; 64];
-        output.copy_from_slice(h.finalize().as_slice());
-        output
-    }
-
-    /// H4 for FROST(ristretto255, SHA-512)
-    ///
    /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-05.html#name-frostristretto255-sha-512
-    fn H4(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar {
+    fn H3(m: &[u8]) -> <<Self::Group as Group>::Field as Field>::Scalar {
        let h = Sha512::new()
            .chain(CONTEXT_STRING.as_bytes())
            .chain("nonce")
@ -178,6 +164,34 @@ impl Ciphersuite for Ristretto255Sha512 {
        output.copy_from_slice(h.finalize().as_slice());
        <<Self::Group as Group>::Field as Field>::Scalar::from_bytes_mod_order_wide(&output)
    }
+
+    /// H4 for FROST(ristretto255, SHA-512)
+    ///
+    /// [spec]: https://github.com/cfrg/draft-irtf-cfrg-frost/blob/master/draft-irtf-cfrg-frost.md#cryptographic-hash-function-dep-hash
+    fn H4(m: &[u8]) -> Self::HashOutput {
+        let h = Sha512::new()
+            .chain(CONTEXT_STRING.as_bytes())
+            .chain("msg")
+            .chain(m);
+
+        let mut output = [0u8; 64];
+        output.copy_from_slice(h.finalize().as_slice());
+        output
+    }
+
+    /// H5 for FROST(ristretto255, SHA-512)
+    ///
+    /// [spec]: https://github.com/cfrg/draft-irtf-cfrg-frost/blob/master/draft-irtf-cfrg-frost.md#cryptographic-hash-function-dep-hash
+    fn H5(m: &[u8]) -> Self::HashOutput {
+        let h = Sha512::new()
+            .chain(CONTEXT_STRING.as_bytes())
+            .chain("com")
+            .chain(m);
+
+        let mut output = [0u8; 64];
+        output.copy_from_slice(h.finalize().as_slice());
+        output
+    }
 }

 type R = Ristretto255Sha512;
--- a/frost-ristretto255/src/tests/vectors.json
+++ b/frost-ristretto255/src/tests/vectors.json
@ -27,20 +27,20 @@
    "participants": "1,3",
    "signers": {
      "1": {
-        "hiding_nonce": "eb0dc12ae7b746d36e3f2de46ce3833a05b9d4af5434eeb8cafaefda76906d00",
-        "binding_nonce": "491e91aa9df514ef598d5e0c7c5cdd088fbde4965b96069d546c0f04f1822b03",
-        "hiding_nonce_commitment": "c6fe28df6a13f2ea80a911dd7a284e4b185bc8d3e3102adaf88807a5e3d3813c",
-        "binding_nonce_commitment": "a413722bcfc71ba044bb2846b814401e60fed6b2fc5bfb25f5a49e63474b7011",
-        "binding_factor_input": "678630bf982c566949d7f22d2aefb94f252c664216d332f34e2c8fdcd7045f207f854504d0daa534a5b31dbdf4183be30eb4fdba4f962d8a6b69cf20c2734043c229faa47541463641bcc7c23a4576d74e536dea0d7f7ae6e2c8461a63f4fe97599d8d83005d520a104f937ce3b8181281348fad246e1c0d89ed4cca7d522e750001",
-        "binding_factor": "2e81f15e28874f517b6d2023291e49000f71f998852b484aaef945000478ea05"
+        "hiding_nonce": "1eaee906e0554a5e533415e971eefa909f3c614c7c75e27f381b0270a9afe308",
+        "binding_nonce": "16175fc2e7545baf7180e8f5b6e1e73c4f2769323cc76754bdd79fe93ab0bd0b",
+        "hiding_nonce_commitment": "80d35700fda011d9e2b2fad4f237bf88f2978d954382dfd36a517ab0497a474f",
+        "binding_nonce_commitment": "40f0fecaf94e656b3f802ba9827fca9fa994c13c98a5ff257973f8bdbc733324",
+        "binding_factor_input": "fe9082dcc1ae1ae11380ac4cf0b6e2770af565ff5af9016254dc7c9d4869cbae0f6e4d94b23e5781b91bc74a25e0c773446b2640290d07c83f0b067ff870a80179b2d1262816a7a4fad96b747bd6b35ccf4a912a793c5701d54852db80904a767cbbd6e37377eec77f407b22890c01190995066cce59d88a14ac56ac40b3bdc90001",
+        "binding_factor": "c0f5ee2613c448137bae256a4e95d56deb8c59f934332c0c0041720b8819680f"
      },
      "3": {
-        "hiding_nonce": "abd12b8e6f255ee1e540eab029003a6e956567617720f61115f0941615892209",
-        "binding_nonce": "218e22625f93f262f025bd2d13c46ba722aa29fe585ceed66ff442d98fe4e509",
-        "hiding_nonce_commitment": "5450c4c98c3fc6bb579bded17fcdc23073d2ecfb761e3f9433cbc991e1496068",
-        "binding_nonce_commitment": "0ae0cf608fcba285ec1f6c84c955572c91a4fafcc1f1120f4f30b25e40fbcc0a",
-        "binding_factor_input": "678630bf982c566949d7f22d2aefb94f252c664216d332f34e2c8fdcd7045f207f854504d0daa534a5b31dbdf4183be30eb4fdba4f962d8a6b69cf20c2734043c229faa47541463641bcc7c23a4576d74e536dea0d7f7ae6e2c8461a63f4fe97599d8d83005d520a104f937ce3b8181281348fad246e1c0d89ed4cca7d522e750003",
-        "binding_factor": "240d5257c68e377c1994481081a8a4c4362b9e82e523088c30d91f8c2811890e"
+        "hiding_nonce": "48d78b8c2de1a515513f9d3fc464a19a72304fac522f17cc647706cb22c21403",
+        "binding_nonce": "5c0f10966b3f1386660a87de0fafd69decbe9ffae1a152a88b7d83bb4fb1c908",
+        "hiding_nonce_commitment": "20dec6ad0795f82009a1a94b6ad79f01a1e95ae8e308d8d8fae8285982308113",
+        "binding_nonce_commitment": "98437dafb20fdb18255464072bee514889aeeec324f149d49747143c3613056d",
+        "binding_factor_input": "fe9082dcc1ae1ae11380ac4cf0b6e2770af565ff5af9016254dc7c9d4869cbae0f6e4d94b23e5781b91bc74a25e0c773446b2640290d07c83f0b067ff870a80179b2d1262816a7a4fad96b747bd6b35ccf4a912a793c5701d54852db80904a767cbbd6e37377eec77f407b22890c01190995066cce59d88a14ac56ac40b3bdc90003",
+        "binding_factor": "8ea449e545706bb3b42c66423005451457e4bb4dea2c2d0b1d157e6bb652ec09"
      }
    }
  },
@ -48,14 +48,14 @@
    "participants": "1,3",
    "signers": {
      "1": {
-        "sig_share": "efae3a83437fa8cd96194aacc56a7eb841630c280da99e7764a81d1340323306"
+        "sig_share": "5ae13621ebeef844e39454eb3478a50c4531d25939e1065f44f5b04a8535090e"
      },
      "3": {
-        "sig_share": "96ddc4582e45eabce46f07b9e9375f8b49d35d1510fd34ac02b1e79d6100a602"
+        "sig_share": "aa432dcf274a9441c205e76fe43497be99efe374f9853477bd5add2075f6970c"
      }
    }
  },
  "final_output": {
-    "sig": "7ec584cef9a383afb43883b73bcaa6313afe878bd5fe75a608311b866a76ec67858cffdb71c4928a7b895165afa2dd438b366a3d1da6d323675905b1a132d908"
+    "sig": "9c407badb8cacf10f306d94e31fb2a71d6a8398039802b4d80a127847239720617516e93f8d57a2ecffd43b83ab35db6de20b6ce32673bd601508e6bfa2ba10a"
  }
 }