Check num of commitments against min signers (#597)

* Check num of commitments against min signers * Move incorrect number of commitments check to part2 in the DKG
2024-01-17 13:18:27 +00:00 · 2024-01-17 13:18:27 +00:00 · e1fb9bc953
parent 9921b1218e
commit e1fb9bc953
3 changed files with 11 additions and 5 deletions
--- a/frost-core/src/keys.rs
+++ b/frost-core/src/keys.rs
@ -39,7 +39,7 @@ pub(crate) fn sum_commitments<C: Ciphersuite>(
    let mut group_commitment = vec![
        CoefficientCommitment(<C::Group>::identity());
        commitments
-            .get(0)
+            .first()
            .ok_or(Error::IncorrectNumberOfCommitments)?
            .0
            .len()
@ -407,7 +407,7 @@ where
    /// element in the vector), or an error if the vector is empty.
    pub(crate) fn verifying_key(&self) -> Result<VerifyingKey<C>, Error<C>> {
        Ok(VerifyingKey::new(
-            self.0.get(0).ok_or(Error::MissingCommitment)?.0,
+            self.0.first().ok_or(Error::MissingCommitment)?.0,
        ))
    }

@ -614,7 +614,7 @@ fn evaluate_polynomial<C: Ciphersuite>(
    }
    value = value
        + *coefficients
-            .get(0)
+            .first()
            .expect("coefficients must have at least one element");
    value
 }
--- a/frost-core/src/keys/dkg.rs
+++ b/frost-core/src/keys/dkg.rs
@ -349,7 +349,7 @@ pub(crate) fn compute_proof_of_knowledge<C: Ciphersuite, R: RngCore + CryptoRng>
    let c_i = challenge::<C>(identifier, &commitment.verifying_key()?, &R_i)
        .ok_or(Error::DKGNotSupported)?;
    let a_i0 = *coefficients
-        .get(0)
+        .first()
        .expect("coefficients must have at least one element");
    let mu_i = k + a_i0 * c_i.0;
    Ok(Signature { R: R_i, z: mu_i })
@ -406,6 +406,12 @@ pub fn part2<C: Ciphersuite>(
        return Err(Error::IncorrectNumberOfPackages);
    }

+    for package in round1_packages.values() {
+        if package.commitment.0.len() != secret_package.min_signers as usize {
+            return Err(Error::IncorrectNumberOfCommitments);
+        }
+    }
+
    let mut round2_packages = BTreeMap::new();

    for (sender_identifier, round1_package) in round1_packages {
--- a/frost-core/src/tests/ciphersuite_generic.rs
+++ b/frost-core/src/tests/ciphersuite_generic.rs
@ -360,7 +360,7 @@ fn check_aggregate_invalid_share_identifier_for_verifying_shares<C: Ciphersuite
        .expect_err("should not work");
 }

-/// Test FROST signing with trusted dealer with a Ciphersuite.
+/// Test FROST signing with DKG with a Ciphersuite.
 pub fn check_sign_with_dkg<C: Ciphersuite + PartialEq, R: RngCore + CryptoRng>(
    mut rng: R,
 ) -> (Vec<u8>, Signature<C>, VerifyingKey<C>)