Add a comment about why we hash the message and the set of nonce comm… (#407)

Add a comment about why we hash the message and the set of nonce commitments as part of creating the preimage for the binding factor
Deirdre Connolly 2023-06-22 05:27:02 -04:00 committed by GitHub
parent 8defd2c058
commit 8b09d9d698
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions


@ -242,6 +242,9 @@ where
) -> Vec<(Identifier<C>, Vec<u8>)> {
let mut binding_factor_input_prefix = vec![];
// The message is hashed with H4 to force the variable-length message
// into a fixed-length byte string, same for hashing the variable-sized
// (between runs of the protocol) set of group commitments, but with H5.
binding_factor_input_prefix.extend_from_slice(C::H4(self.message.as_slice()).as_ref());
binding_factor_input_prefix.extend_from_slice(
C::H5(&round1::encode_group_commitments(self.signing_commitments())[..]).as_ref(),