Rename fields to match types (#539)
* Rename signer_pubkeys to verifying_shares (#495) * Rename group_public to verifying_key (#495) Some naming needed to be updated in DKG as well as there was already a verifying_key which was actually a verifying_share * Update KeyPackage field from secret_share to signing_share (#495) * Update Package field from secret_share to signing_share (#495) * Update KeyPackage field from public to verifying_share (#495) * Update SecretShare field vrom value to signing_share (#495) * Remove secret function from SecretShare (#495) This is because we now can use the getter to get signing_share() without the need for an additional function * Update serde_tests with updated field names (#495)
This commit is contained in:
natalie
GitHub
parent
c38305b536
commit
eee505a49e
|
|
@ -82,13 +82,13 @@ take a bit to compile. It will show a bunch of warnings which is normal.
|
||||||
cargo build --release --bin sign --features dotenv -- -g
|
cargo build --release --bin sign --features dotenv -- -g
|
||||||
```
|
```
|
||||||
|
|
||||||
When prompted for the `ak`, paste the `group_public` value that was printed in
|
When prompted for the `ak`, paste the `verifying_key` value that was printed in
|
||||||
the previous part, inside the Public Key Package. For example, in the following
|
the previous part, inside the Public Key Package. For example, in the following
|
||||||
package
|
package
|
||||||
|
|
||||||
```
|
```
|
||||||
Public key package:
|
Public key package:
|
||||||
{"signer_pubkeys": ...snip... ,"group_public":"d2bf40ca860fb97e9d6d15d7d25e4f17d2e8ba5dd7069188cbf30b023910a71b","ciphersuite":"FROST(Pallas, BLAKE2b-512)"}
|
{"verifying_shares": ...snip... ,"verifying_key":"d2bf40ca860fb97e9d6d15d7d25e4f17d2e8ba5dd7069188cbf30b023910a71b","ciphersuite":"FROST(Pallas, BLAKE2b-512)"}
|
||||||
```
|
```
|
||||||
|
|
||||||
you would need to use
|
you would need to use
|
||||||
|
|
|
||||||
|
|
@ -130,7 +130,7 @@ pub fn bench_sign<C: Ciphersuite, R: RngCore + CryptoRng + Clone>(
|
||||||
key_packages
|
key_packages
|
||||||
.get(&participant_identifier)
|
.get(&participant_identifier)
|
||||||
.unwrap()
|
.unwrap()
|
||||||
.secret_share(),
|
.signing_share(),
|
||||||
rng,
|
rng,
|
||||||
);
|
);
|
||||||
})
|
})
|
||||||
|
|
@ -146,7 +146,7 @@ pub fn bench_sign<C: Ciphersuite, R: RngCore + CryptoRng + Clone>(
|
||||||
key_packages
|
key_packages
|
||||||
.get(&participant_identifier)
|
.get(&participant_identifier)
|
||||||
.unwrap()
|
.unwrap()
|
||||||
.secret_share(),
|
.signing_share(),
|
||||||
rng,
|
rng,
|
||||||
);
|
);
|
||||||
nonces.insert(participant_identifier, nonce);
|
nonces.insert(participant_identifier, nonce);
|
||||||
|
|
|
||||||
|
|
@ -100,13 +100,13 @@ where
|
||||||
#[cfg_attr(docsrs, doc(cfg(feature = "internals")))]
|
#[cfg_attr(docsrs, doc(cfg(feature = "internals")))]
|
||||||
pub(crate) fn compute_binding_factor_list<C>(
|
pub(crate) fn compute_binding_factor_list<C>(
|
||||||
signing_package: &SigningPackage<C>,
|
signing_package: &SigningPackage<C>,
|
||||||
group_public: &VerifyingKey<C>,
|
verifying_key: &VerifyingKey<C>,
|
||||||
additional_prefix: &[u8],
|
additional_prefix: &[u8],
|
||||||
) -> BindingFactorList<C>
|
) -> BindingFactorList<C>
|
||||||
where
|
where
|
||||||
C: Ciphersuite,
|
C: Ciphersuite,
|
||||||
{
|
{
|
||||||
let preimages = signing_package.binding_factor_preimages(group_public, additional_prefix);
|
let preimages = signing_package.binding_factor_preimages(verifying_key, additional_prefix);
|
||||||
|
|
||||||
BindingFactorList(
|
BindingFactorList(
|
||||||
preimages
|
preimages
|
||||||
|
|
@ -274,7 +274,7 @@ where
|
||||||
#[cfg_attr(docsrs, doc(cfg(feature = "internals")))]
|
#[cfg_attr(docsrs, doc(cfg(feature = "internals")))]
|
||||||
pub fn binding_factor_preimages(
|
pub fn binding_factor_preimages(
|
||||||
&self,
|
&self,
|
||||||
group_public: &VerifyingKey<C>,
|
verifying_key: &VerifyingKey<C>,
|
||||||
additional_prefix: &[u8],
|
additional_prefix: &[u8],
|
||||||
) -> Vec<(Identifier<C>, Vec<u8>)> {
|
) -> Vec<(Identifier<C>, Vec<u8>)> {
|
||||||
let mut binding_factor_input_prefix = vec![];
|
let mut binding_factor_input_prefix = vec![];
|
||||||
|
|
@ -282,7 +282,7 @@ where
|
||||||
// The length of a serialized verifying key of the same cipersuite does
|
// The length of a serialized verifying key of the same cipersuite does
|
||||||
// not change between runs of the protocol, so we don't need to hash to
|
// not change between runs of the protocol, so we don't need to hash to
|
||||||
// get a fixed length.
|
// get a fixed length.
|
||||||
binding_factor_input_prefix.extend_from_slice(group_public.serialize().as_ref());
|
binding_factor_input_prefix.extend_from_slice(verifying_key.serialize().as_ref());
|
||||||
|
|
||||||
// The message is hashed with H4 to force the variable-length message
|
// The message is hashed with H4 to force the variable-length message
|
||||||
// into a fixed-length byte string, same for hashing the variable-sized
|
// into a fixed-length byte string, same for hashing the variable-sized
|
||||||
|
|
@ -422,14 +422,14 @@ where
|
||||||
C: Ciphersuite,
|
C: Ciphersuite,
|
||||||
{
|
{
|
||||||
// Check if signing_package.signing_commitments and signature_shares have
|
// Check if signing_package.signing_commitments and signature_shares have
|
||||||
// the same set of identifiers, and if they are all in pubkeys.signer_pubkeys.
|
// the same set of identifiers, and if they are all in pubkeys.verifying_shares.
|
||||||
if signing_package.signing_commitments().len() != signature_shares.len() {
|
if signing_package.signing_commitments().len() != signature_shares.len() {
|
||||||
return Err(Error::UnknownIdentifier);
|
return Err(Error::UnknownIdentifier);
|
||||||
}
|
}
|
||||||
if !signing_package
|
if !signing_package
|
||||||
.signing_commitments()
|
.signing_commitments()
|
||||||
.keys()
|
.keys()
|
||||||
.all(|id| signature_shares.contains_key(id) && pubkeys.signer_pubkeys().contains_key(id))
|
.all(|id| signature_shares.contains_key(id) && pubkeys.verifying_shares().contains_key(id))
|
||||||
{
|
{
|
||||||
return Err(Error::UnknownIdentifier);
|
return Err(Error::UnknownIdentifier);
|
||||||
}
|
}
|
||||||
|
|
@ -437,7 +437,7 @@ where
|
||||||
// Encodes the signing commitment list produced in round one as part of generating [`BindingFactor`], the
|
// Encodes the signing commitment list produced in round one as part of generating [`BindingFactor`], the
|
||||||
// binding factor.
|
// binding factor.
|
||||||
let binding_factor_list: BindingFactorList<C> =
|
let binding_factor_list: BindingFactorList<C> =
|
||||||
compute_binding_factor_list(signing_package, &pubkeys.group_public, &[]);
|
compute_binding_factor_list(signing_package, &pubkeys.verifying_key, &[]);
|
||||||
|
|
||||||
// Compute the group commitment from signing commitments produced in round one.
|
// Compute the group commitment from signing commitments produced in round one.
|
||||||
let group_commitment = compute_group_commitment(signing_package, &binding_factor_list)?;
|
let group_commitment = compute_group_commitment(signing_package, &binding_factor_list)?;
|
||||||
|
|
@ -461,7 +461,7 @@ where
|
||||||
|
|
||||||
// Verify the aggregate signature
|
// Verify the aggregate signature
|
||||||
let verification_result = pubkeys
|
let verification_result = pubkeys
|
||||||
.group_public
|
.verifying_key
|
||||||
.verify(signing_package.message(), &signature);
|
.verify(signing_package.message(), &signature);
|
||||||
|
|
||||||
// Only if the verification of the aggregate signature failed; verify each share to find the cheater.
|
// Only if the verification of the aggregate signature failed; verify each share to find the cheater.
|
||||||
|
|
@ -471,7 +471,7 @@ where
|
||||||
// Compute the per-message challenge.
|
// Compute the per-message challenge.
|
||||||
let challenge = crate::challenge::<C>(
|
let challenge = crate::challenge::<C>(
|
||||||
&group_commitment.0,
|
&group_commitment.0,
|
||||||
&pubkeys.group_public.element,
|
&pubkeys.verifying_key.element,
|
||||||
signing_package.message().as_slice(),
|
signing_package.message().as_slice(),
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
@ -480,7 +480,7 @@ where
|
||||||
// Look up the public key for this signer, where `signer_pubkey` = _G.ScalarBaseMult(s[i])_,
|
// Look up the public key for this signer, where `signer_pubkey` = _G.ScalarBaseMult(s[i])_,
|
||||||
// and where s[i] is a secret share of the constant term of _f_, the secret polynomial.
|
// and where s[i] is a secret share of the constant term of _f_, the secret polynomial.
|
||||||
let signer_pubkey = pubkeys
|
let signer_pubkey = pubkeys
|
||||||
.signer_pubkeys
|
.verifying_shares
|
||||||
.get(signature_share_identifier)
|
.get(signature_share_identifier)
|
||||||
.ok_or(Error::UnknownIdentifier)?;
|
.ok_or(Error::UnknownIdentifier)?;
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -356,7 +356,7 @@ pub struct SecretShare<C: Ciphersuite> {
|
||||||
#[zeroize(skip)]
|
#[zeroize(skip)]
|
||||||
pub(crate) identifier: Identifier<C>,
|
pub(crate) identifier: Identifier<C>,
|
||||||
/// Secret Key.
|
/// Secret Key.
|
||||||
pub(crate) value: SigningShare<C>,
|
pub(crate) signing_share: SigningShare<C>,
|
||||||
#[zeroize(skip)]
|
#[zeroize(skip)]
|
||||||
/// The commitments to be distributed among signers.
|
/// The commitments to be distributed among signers.
|
||||||
pub(crate) commitment: VerifiableSecretSharingCommitment<C>,
|
pub(crate) commitment: VerifiableSecretSharingCommitment<C>,
|
||||||
|
|
@ -380,22 +380,17 @@ where
|
||||||
/// Create a new [`SecretShare`] instance.
|
/// Create a new [`SecretShare`] instance.
|
||||||
pub fn new(
|
pub fn new(
|
||||||
identifier: Identifier<C>,
|
identifier: Identifier<C>,
|
||||||
value: SigningShare<C>,
|
signing_share: SigningShare<C>,
|
||||||
commitment: VerifiableSecretSharingCommitment<C>,
|
commitment: VerifiableSecretSharingCommitment<C>,
|
||||||
) -> Self {
|
) -> Self {
|
||||||
SecretShare {
|
SecretShare {
|
||||||
identifier,
|
identifier,
|
||||||
value,
|
signing_share,
|
||||||
commitment,
|
commitment,
|
||||||
ciphersuite: (),
|
ciphersuite: (),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Gets the inner [`SigningShare`] value.
|
|
||||||
pub fn secret(&self) -> &SigningShare<C> {
|
|
||||||
&self.value
|
|
||||||
}
|
|
||||||
|
|
||||||
/// Verifies that a secret share is consistent with a verifiable secret sharing commitment,
|
/// Verifies that a secret share is consistent with a verifiable secret sharing commitment,
|
||||||
/// and returns the derived group info for the participant (their public verification share,
|
/// and returns the derived group info for the participant (their public verification share,
|
||||||
/// and the group public key) if successful.
|
/// and the group public key) if successful.
|
||||||
|
|
@ -411,18 +406,18 @@ where
|
||||||
///
|
///
|
||||||
/// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#appendix-C.2-4
|
/// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#appendix-C.2-4
|
||||||
pub fn verify(&self) -> Result<(VerifyingShare<C>, VerifyingKey<C>), Error<C>> {
|
pub fn verify(&self) -> Result<(VerifyingShare<C>, VerifyingKey<C>), Error<C>> {
|
||||||
let f_result = <C::Group>::generator() * self.value.0;
|
let f_result = <C::Group>::generator() * self.signing_share.0;
|
||||||
let result = evaluate_vss(&self.commitment, self.identifier);
|
let result = evaluate_vss(&self.commitment, self.identifier);
|
||||||
|
|
||||||
if !(f_result == result) {
|
if !(f_result == result) {
|
||||||
return Err(Error::InvalidSecretShare);
|
return Err(Error::InvalidSecretShare);
|
||||||
}
|
}
|
||||||
|
|
||||||
let group_public = VerifyingKey {
|
let verifying_key = VerifyingKey {
|
||||||
element: self.commitment.first()?.0,
|
element: self.commitment.first()?.0,
|
||||||
};
|
};
|
||||||
|
|
||||||
Ok((VerifyingShare(result), group_public))
|
Ok((VerifyingShare(result), verifying_key))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -496,7 +491,7 @@ pub fn split<C: Ciphersuite, R: RngCore + CryptoRng>(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
let group_public = VerifyingKey::from(key);
|
let verifying_key = VerifyingKey::from(key);
|
||||||
|
|
||||||
let coefficients = generate_coefficients::<C, R>(min_signers as usize - 1, rng);
|
let coefficients = generate_coefficients::<C, R>(min_signers as usize - 1, rng);
|
||||||
|
|
||||||
|
|
@ -509,15 +504,15 @@ pub fn split<C: Ciphersuite, R: RngCore + CryptoRng>(
|
||||||
generate_secret_shares(key, max_signers, min_signers, coefficients, identifiers)?
|
generate_secret_shares(key, max_signers, min_signers, coefficients, identifiers)?
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
let mut signer_pubkeys: HashMap<Identifier<C>, VerifyingShare<C>> =
|
let mut verifying_shares: HashMap<Identifier<C>, VerifyingShare<C>> =
|
||||||
HashMap::with_capacity(max_signers as usize);
|
HashMap::with_capacity(max_signers as usize);
|
||||||
|
|
||||||
let mut secret_shares_by_id: HashMap<Identifier<C>, SecretShare<C>> =
|
let mut secret_shares_by_id: HashMap<Identifier<C>, SecretShare<C>> =
|
||||||
HashMap::with_capacity(max_signers as usize);
|
HashMap::with_capacity(max_signers as usize);
|
||||||
|
|
||||||
for secret_share in secret_shares {
|
for secret_share in secret_shares {
|
||||||
let signer_public = secret_share.value.into();
|
let signer_public = secret_share.signing_share.into();
|
||||||
signer_pubkeys.insert(secret_share.identifier, signer_public);
|
verifying_shares.insert(secret_share.identifier, signer_public);
|
||||||
|
|
||||||
secret_shares_by_id.insert(secret_share.identifier, secret_share);
|
secret_shares_by_id.insert(secret_share.identifier, secret_share);
|
||||||
}
|
}
|
||||||
|
|
@ -525,8 +520,8 @@ pub fn split<C: Ciphersuite, R: RngCore + CryptoRng>(
|
||||||
Ok((
|
Ok((
|
||||||
secret_shares_by_id,
|
secret_shares_by_id,
|
||||||
PublicKeyPackage {
|
PublicKeyPackage {
|
||||||
signer_pubkeys,
|
verifying_shares,
|
||||||
group_public,
|
verifying_key,
|
||||||
ciphersuite: (),
|
ciphersuite: (),
|
||||||
},
|
},
|
||||||
))
|
))
|
||||||
|
|
@ -585,14 +580,14 @@ pub struct KeyPackage<C: Ciphersuite> {
|
||||||
/// Denotes the participant identifier each secret share key package is owned by.
|
/// Denotes the participant identifier each secret share key package is owned by.
|
||||||
#[zeroize(skip)]
|
#[zeroize(skip)]
|
||||||
pub(crate) identifier: Identifier<C>,
|
pub(crate) identifier: Identifier<C>,
|
||||||
/// This participant's secret share.
|
/// This participant's signing share. This is secret.
|
||||||
pub(crate) secret_share: SigningShare<C>,
|
pub(crate) signing_share: SigningShare<C>,
|
||||||
/// This participant's public key.
|
/// This participant's public key.
|
||||||
#[zeroize(skip)]
|
#[zeroize(skip)]
|
||||||
pub(crate) public: VerifyingShare<C>,
|
pub(crate) verifying_share: VerifyingShare<C>,
|
||||||
/// The public verifying key that represents the entire group.
|
/// The public verifying key that represents the entire group.
|
||||||
#[zeroize(skip)]
|
#[zeroize(skip)]
|
||||||
pub(crate) group_public: VerifyingKey<C>,
|
pub(crate) verifying_key: VerifyingKey<C>,
|
||||||
pub(crate) min_signers: u16,
|
pub(crate) min_signers: u16,
|
||||||
/// Ciphersuite ID for serialization
|
/// Ciphersuite ID for serialization
|
||||||
#[cfg_attr(
|
#[cfg_attr(
|
||||||
|
|
@ -614,16 +609,16 @@ where
|
||||||
/// Create a new [`KeyPackage`] instance.
|
/// Create a new [`KeyPackage`] instance.
|
||||||
pub fn new(
|
pub fn new(
|
||||||
identifier: Identifier<C>,
|
identifier: Identifier<C>,
|
||||||
secret_share: SigningShare<C>,
|
signing_share: SigningShare<C>,
|
||||||
public: VerifyingShare<C>,
|
verifying_share: VerifyingShare<C>,
|
||||||
group_public: VerifyingKey<C>,
|
verifying_key: VerifyingKey<C>,
|
||||||
min_signers: u16,
|
min_signers: u16,
|
||||||
) -> Self {
|
) -> Self {
|
||||||
Self {
|
Self {
|
||||||
identifier,
|
identifier,
|
||||||
secret_share,
|
signing_share,
|
||||||
public,
|
verifying_share,
|
||||||
group_public,
|
verifying_key,
|
||||||
min_signers,
|
min_signers,
|
||||||
ciphersuite: (),
|
ciphersuite: (),
|
||||||
}
|
}
|
||||||
|
|
@ -661,13 +656,13 @@ where
|
||||||
/// dealer, but implementations *MUST* make sure that all participants have
|
/// dealer, but implementations *MUST* make sure that all participants have
|
||||||
/// a consistent view of this commitment in practice.
|
/// a consistent view of this commitment in practice.
|
||||||
fn try_from(secret_share: SecretShare<C>) -> Result<Self, Error<C>> {
|
fn try_from(secret_share: SecretShare<C>) -> Result<Self, Error<C>> {
|
||||||
let (public, group_public) = secret_share.verify()?;
|
let (verifying_share, verifying_key) = secret_share.verify()?;
|
||||||
|
|
||||||
Ok(KeyPackage {
|
Ok(KeyPackage {
|
||||||
identifier: secret_share.identifier,
|
identifier: secret_share.identifier,
|
||||||
secret_share: secret_share.value,
|
signing_share: secret_share.signing_share,
|
||||||
public,
|
verifying_share,
|
||||||
group_public,
|
verifying_key,
|
||||||
min_signers: secret_share.commitment.0.len() as u16,
|
min_signers: secret_share.commitment.0.len() as u16,
|
||||||
ciphersuite: (),
|
ciphersuite: (),
|
||||||
})
|
})
|
||||||
|
|
@ -684,9 +679,9 @@ where
|
||||||
pub struct PublicKeyPackage<C: Ciphersuite> {
|
pub struct PublicKeyPackage<C: Ciphersuite> {
|
||||||
/// The verifying shares for all participants. Used to validate signature
|
/// The verifying shares for all participants. Used to validate signature
|
||||||
/// shares they generate.
|
/// shares they generate.
|
||||||
pub(crate) signer_pubkeys: HashMap<Identifier<C>, VerifyingShare<C>>,
|
pub(crate) verifying_shares: HashMap<Identifier<C>, VerifyingShare<C>>,
|
||||||
/// The joint public key for the entire group.
|
/// The joint public key for the entire group.
|
||||||
pub(crate) group_public: VerifyingKey<C>,
|
pub(crate) verifying_key: VerifyingKey<C>,
|
||||||
/// Ciphersuite ID for serialization
|
/// Ciphersuite ID for serialization
|
||||||
#[cfg_attr(
|
#[cfg_attr(
|
||||||
feature = "serde",
|
feature = "serde",
|
||||||
|
|
@ -706,12 +701,12 @@ where
|
||||||
{
|
{
|
||||||
/// Create a new [`PublicKeyPackage`] instance.
|
/// Create a new [`PublicKeyPackage`] instance.
|
||||||
pub fn new(
|
pub fn new(
|
||||||
signer_pubkeys: HashMap<Identifier<C>, VerifyingShare<C>>,
|
verifying_shares: HashMap<Identifier<C>, VerifyingShare<C>>,
|
||||||
group_public: VerifyingKey<C>,
|
verifying_key: VerifyingKey<C>,
|
||||||
) -> Self {
|
) -> Self {
|
||||||
Self {
|
Self {
|
||||||
signer_pubkeys,
|
verifying_shares,
|
||||||
group_public,
|
verifying_key,
|
||||||
ciphersuite: (),
|
ciphersuite: (),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -827,7 +822,7 @@ pub(crate) fn generate_secret_shares<C: Ciphersuite>(
|
||||||
|
|
||||||
secret_shares.push(SecretShare {
|
secret_shares.push(SecretShare {
|
||||||
identifier: *id,
|
identifier: *id,
|
||||||
value: SigningShare(value),
|
signing_share: SigningShare(value),
|
||||||
commitment: commitment.clone(),
|
commitment: commitment.clone(),
|
||||||
ciphersuite: (),
|
ciphersuite: (),
|
||||||
});
|
});
|
||||||
|
|
@ -880,12 +875,12 @@ pub fn reconstruct<C: Ciphersuite>(
|
||||||
}
|
}
|
||||||
|
|
||||||
// Compute the Lagrange coefficients
|
// Compute the Lagrange coefficients
|
||||||
for secret_share in key_packages.iter() {
|
for key_package in key_packages.iter() {
|
||||||
let lagrange_coefficient =
|
let lagrange_coefficient =
|
||||||
compute_lagrange_coefficient(&identifiers, None, secret_share.identifier)?;
|
compute_lagrange_coefficient(&identifiers, None, key_package.identifier)?;
|
||||||
|
|
||||||
// Compute y = f(0) via polynomial interpolation of these t-of-n solutions ('points) of f
|
// Compute y = f(0) via polynomial interpolation of these t-of-n solutions ('points) of f
|
||||||
secret = secret + (lagrange_coefficient * secret_share.secret_share().0);
|
secret = secret + (lagrange_coefficient * key_package.signing_share().0);
|
||||||
}
|
}
|
||||||
|
|
||||||
Ok(SigningKey { scalar: secret })
|
Ok(SigningKey { scalar: secret })
|
||||||
|
|
|
||||||
|
|
@ -179,7 +179,7 @@ pub mod round2 {
|
||||||
#[cfg_attr(feature = "serde", serde(deny_unknown_fields))]
|
#[cfg_attr(feature = "serde", serde(deny_unknown_fields))]
|
||||||
pub struct Package<C: Ciphersuite> {
|
pub struct Package<C: Ciphersuite> {
|
||||||
/// The secret share being sent.
|
/// The secret share being sent.
|
||||||
pub(crate) secret_share: SigningShare<C>,
|
pub(crate) signing_share: SigningShare<C>,
|
||||||
/// Ciphersuite ID for serialization
|
/// Ciphersuite ID for serialization
|
||||||
#[cfg_attr(
|
#[cfg_attr(
|
||||||
feature = "serde",
|
feature = "serde",
|
||||||
|
|
@ -198,9 +198,9 @@ pub mod round2 {
|
||||||
C: Ciphersuite,
|
C: Ciphersuite,
|
||||||
{
|
{
|
||||||
/// Create a new [`Package`] instance.
|
/// Create a new [`Package`] instance.
|
||||||
pub fn new(secret_share: SigningShare<C>) -> Self {
|
pub fn new(signing_share: SigningShare<C>) -> Self {
|
||||||
Self {
|
Self {
|
||||||
secret_share,
|
signing_share,
|
||||||
ciphersuite: (),
|
ciphersuite: (),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -400,7 +400,7 @@ pub fn part2<C: Ciphersuite>(
|
||||||
round2_packages.insert(
|
round2_packages.insert(
|
||||||
ell,
|
ell,
|
||||||
round2::Package {
|
round2::Package {
|
||||||
secret_share: SigningShare(value),
|
signing_share: SigningShare(value),
|
||||||
ciphersuite: (),
|
ciphersuite: (),
|
||||||
},
|
},
|
||||||
);
|
);
|
||||||
|
|
@ -418,9 +418,9 @@ pub fn part2<C: Ciphersuite>(
|
||||||
))
|
))
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Computes the verifying keys of the other participants for the third step
|
/// Computes the verifying shares of the other participants for the third step
|
||||||
/// of the DKG protocol.
|
/// of the DKG protocol.
|
||||||
fn compute_verifying_keys<C: Ciphersuite>(
|
fn compute_verifying_shares<C: Ciphersuite>(
|
||||||
round1_packages: &HashMap<Identifier<C>, round1::Package<C>>,
|
round1_packages: &HashMap<Identifier<C>, round1::Package<C>>,
|
||||||
round2_secret_package: &round2::SecretPackage<C>,
|
round2_secret_package: &round2::SecretPackage<C>,
|
||||||
) -> Result<HashMap<Identifier<C>, VerifyingShare<C>>, Error<C>> {
|
) -> Result<HashMap<Identifier<C>, VerifyingShare<C>>, Error<C>> {
|
||||||
|
|
@ -428,7 +428,7 @@ fn compute_verifying_keys<C: Ciphersuite>(
|
||||||
//
|
//
|
||||||
// > Any participant can compute the public verification share of any other participant
|
// > Any participant can compute the public verification share of any other participant
|
||||||
// > by calculating Y_i = ∏_{j=1}^n ∏_{k=0}^{t−1} φ_{jk}^{i^k mod q}.
|
// > by calculating Y_i = ∏_{j=1}^n ∏_{k=0}^{t−1} φ_{jk}^{i^k mod q}.
|
||||||
let mut others_verifying_keys = HashMap::new();
|
let mut others_verifying_shares = HashMap::new();
|
||||||
|
|
||||||
// Note that in this loop, "i" refers to the other participant whose public verification share
|
// Note that in this loop, "i" refers to the other participant whose public verification share
|
||||||
// we are computing, and not the current participant.
|
// we are computing, and not the current participant.
|
||||||
|
|
@ -454,9 +454,9 @@ fn compute_verifying_keys<C: Ciphersuite>(
|
||||||
y_i = y_i + evaluate_vss(commitment?, i);
|
y_i = y_i + evaluate_vss(commitment?, i);
|
||||||
}
|
}
|
||||||
let y_i = VerifyingShare(y_i);
|
let y_i = VerifyingShare(y_i);
|
||||||
others_verifying_keys.insert(i, y_i);
|
others_verifying_shares.insert(i, y_i);
|
||||||
}
|
}
|
||||||
Ok(others_verifying_keys)
|
Ok(others_verifying_shares)
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Performs the third and final part of the distributed key generation protocol
|
/// Performs the third and final part of the distributed key generation protocol
|
||||||
|
|
@ -495,7 +495,7 @@ pub fn part3<C: Ciphersuite>(
|
||||||
}
|
}
|
||||||
|
|
||||||
let mut signing_share = <<C::Group as Group>::Field>::zero();
|
let mut signing_share = <<C::Group as Group>::Field>::zero();
|
||||||
let mut group_public = <C::Group>::identity();
|
let mut verifying_key = <C::Group>::identity();
|
||||||
|
|
||||||
for (sender_identifier, round2_package) in round2_packages {
|
for (sender_identifier, round2_package) in round2_packages {
|
||||||
// Round 2, Step 2
|
// Round 2, Step 2
|
||||||
|
|
@ -504,7 +504,7 @@ pub fn part3<C: Ciphersuite>(
|
||||||
// > g^{f_ℓ(i)} ≟ ∏^{t−1}_{k=0} φ^{i^k mod q}_{ℓk}, aborting if the
|
// > g^{f_ℓ(i)} ≟ ∏^{t−1}_{k=0} φ^{i^k mod q}_{ℓk}, aborting if the
|
||||||
// > check fails.
|
// > check fails.
|
||||||
let ell = *sender_identifier;
|
let ell = *sender_identifier;
|
||||||
let f_ell_i = round2_package.secret_share;
|
let f_ell_i = round2_package.signing_share;
|
||||||
|
|
||||||
let commitment = &round1_packages
|
let commitment = &round1_packages
|
||||||
.get(&ell)
|
.get(&ell)
|
||||||
|
|
@ -516,7 +516,7 @@ pub fn part3<C: Ciphersuite>(
|
||||||
// Build a temporary SecretShare so what we can call verify().
|
// Build a temporary SecretShare so what we can call verify().
|
||||||
let secret_share = SecretShare {
|
let secret_share = SecretShare {
|
||||||
identifier: round2_secret_package.identifier,
|
identifier: round2_secret_package.identifier,
|
||||||
value: f_ell_i,
|
signing_share: f_ell_i,
|
||||||
commitment: commitment.clone(),
|
commitment: commitment.clone(),
|
||||||
ciphersuite: (),
|
ciphersuite: (),
|
||||||
};
|
};
|
||||||
|
|
@ -533,41 +533,42 @@ pub fn part3<C: Ciphersuite>(
|
||||||
// Round 2, Step 4
|
// Round 2, Step 4
|
||||||
//
|
//
|
||||||
// > Each P_i calculates [...] the group’s public key Y = ∏^n_{j=1} φ_{j0}.
|
// > Each P_i calculates [...] the group’s public key Y = ∏^n_{j=1} φ_{j0}.
|
||||||
group_public = group_public + commitment.first()?.0;
|
verifying_key = verifying_key + commitment.first()?.0;
|
||||||
}
|
}
|
||||||
|
|
||||||
signing_share = signing_share + round2_secret_package.secret_share;
|
signing_share = signing_share + round2_secret_package.secret_share;
|
||||||
group_public = group_public + round2_secret_package.commitment.first()?.0;
|
verifying_key = verifying_key + round2_secret_package.commitment.first()?.0;
|
||||||
|
|
||||||
let signing_share = SigningShare(signing_share);
|
let signing_share = SigningShare(signing_share);
|
||||||
// Round 2, Step 4
|
// Round 2, Step 4
|
||||||
//
|
//
|
||||||
// > Each P_i calculates their public verification share Y_i = g^{s_i}.
|
// > Each P_i calculates their public verification share Y_i = g^{s_i}.
|
||||||
let verifying_key = signing_share.into();
|
let verifying_share = signing_share.into();
|
||||||
let group_public = VerifyingKey {
|
let verifying_key = VerifyingKey {
|
||||||
element: group_public,
|
element: verifying_key,
|
||||||
};
|
};
|
||||||
|
|
||||||
// Round 2, Step 4
|
// Round 2, Step 4
|
||||||
//
|
//
|
||||||
// > Any participant can compute the public verification share of any other participant
|
// > Any participant can compute the public verification share of any other participant
|
||||||
// > by calculating Y_i = ∏_{j=1}^n ∏_{k=0}^{t−1} φ_{jk}^{i^k mod q}.
|
// > by calculating Y_i = ∏_{j=1}^n ∏_{k=0}^{t−1} φ_{jk}^{i^k mod q}.
|
||||||
let mut all_verifying_keys = compute_verifying_keys(round1_packages, round2_secret_package)?;
|
let mut all_verifying_shares =
|
||||||
|
compute_verifying_shares(round1_packages, round2_secret_package)?;
|
||||||
|
|
||||||
// Add the participant's own public verification share for consistency
|
// Add the participant's own public verification share for consistency
|
||||||
all_verifying_keys.insert(round2_secret_package.identifier, verifying_key);
|
all_verifying_shares.insert(round2_secret_package.identifier, verifying_share);
|
||||||
|
|
||||||
let key_package = KeyPackage {
|
let key_package = KeyPackage {
|
||||||
identifier: round2_secret_package.identifier,
|
identifier: round2_secret_package.identifier,
|
||||||
secret_share: signing_share,
|
signing_share,
|
||||||
public: verifying_key,
|
verifying_share,
|
||||||
group_public,
|
verifying_key,
|
||||||
min_signers: round2_secret_package.min_signers,
|
min_signers: round2_secret_package.min_signers,
|
||||||
ciphersuite: (),
|
ciphersuite: (),
|
||||||
};
|
};
|
||||||
let public_key_package = PublicKeyPackage {
|
let public_key_package = PublicKeyPackage {
|
||||||
signer_pubkeys: all_verifying_keys,
|
verifying_shares: all_verifying_shares,
|
||||||
group_public,
|
verifying_key,
|
||||||
ciphersuite: (),
|
ciphersuite: (),
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -56,7 +56,7 @@ fn compute_last_random_value<C: Ciphersuite>(
|
||||||
// Calculate Lagrange Coefficient for helper_i
|
// Calculate Lagrange Coefficient for helper_i
|
||||||
let zeta_i = compute_lagrange_coefficient(helpers, Some(participant), share_i.identifier)?;
|
let zeta_i = compute_lagrange_coefficient(helpers, Some(participant), share_i.identifier)?;
|
||||||
|
|
||||||
let lhs = zeta_i * share_i.value.0;
|
let lhs = zeta_i * share_i.signing_share.0;
|
||||||
|
|
||||||
let mut out: HashMap<Identifier<C>, Scalar<C>> = helpers
|
let mut out: HashMap<Identifier<C>, Scalar<C>> = helpers
|
||||||
.iter()
|
.iter()
|
||||||
|
|
@ -122,7 +122,7 @@ pub fn repair_share_step_3<C: Ciphersuite>(
|
||||||
|
|
||||||
SecretShare {
|
SecretShare {
|
||||||
identifier,
|
identifier,
|
||||||
value: SigningShare(share),
|
signing_share: SigningShare(share),
|
||||||
commitment: commitment.clone(),
|
commitment: commitment.clone(),
|
||||||
ciphersuite: (),
|
ciphersuite: (),
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -167,7 +167,7 @@ fn compute_signature_share<C: Ciphersuite>(
|
||||||
) -> SignatureShare<C> {
|
) -> SignatureShare<C> {
|
||||||
let z_share: <<C::Group as Group>::Field as Field>::Scalar = signer_nonces.hiding.0
|
let z_share: <<C::Group as Group>::Field as Field>::Scalar = signer_nonces.hiding.0
|
||||||
+ (signer_nonces.binding.0 * binding_factor.0)
|
+ (signer_nonces.binding.0 * binding_factor.0)
|
||||||
+ (lambda_i * key_package.secret_share.0 * challenge.0);
|
+ (lambda_i * key_package.signing_share.0 * challenge.0);
|
||||||
|
|
||||||
SignatureShare::<C> { share: z_share }
|
SignatureShare::<C> { share: z_share }
|
||||||
}
|
}
|
||||||
|
|
@ -207,7 +207,7 @@ pub fn sign<C: Ciphersuite>(
|
||||||
// Encodes the signing commitment list produced in round one as part of generating [`BindingFactor`], the
|
// Encodes the signing commitment list produced in round one as part of generating [`BindingFactor`], the
|
||||||
// binding factor.
|
// binding factor.
|
||||||
let binding_factor_list: BindingFactorList<C> =
|
let binding_factor_list: BindingFactorList<C> =
|
||||||
compute_binding_factor_list(signing_package, &key_package.group_public, &[]);
|
compute_binding_factor_list(signing_package, &key_package.verifying_key, &[]);
|
||||||
let binding_factor: frost::BindingFactor<C> = binding_factor_list
|
let binding_factor: frost::BindingFactor<C> = binding_factor_list
|
||||||
.get(&key_package.identifier)
|
.get(&key_package.identifier)
|
||||||
.ok_or(Error::UnknownIdentifier)?
|
.ok_or(Error::UnknownIdentifier)?
|
||||||
|
|
@ -222,7 +222,7 @@ pub fn sign<C: Ciphersuite>(
|
||||||
// Compute the per-message challenge.
|
// Compute the per-message challenge.
|
||||||
let challenge = challenge::<C>(
|
let challenge = challenge::<C>(
|
||||||
&group_commitment.0,
|
&group_commitment.0,
|
||||||
&key_package.group_public.element,
|
&key_package.verifying_key.element,
|
||||||
signing_package.message.as_slice(),
|
signing_package.message.as_slice(),
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -212,7 +212,7 @@ pub fn check_sign<C: Ciphersuite + PartialEq, R: RngCore + CryptoRng>(
|
||||||
key_packages
|
key_packages
|
||||||
.get(&participant_identifier)
|
.get(&participant_identifier)
|
||||||
.unwrap()
|
.unwrap()
|
||||||
.secret_share(),
|
.signing_share(),
|
||||||
&mut rng,
|
&mut rng,
|
||||||
);
|
);
|
||||||
nonces_map.insert(participant_identifier, nonces);
|
nonces_map.insert(participant_identifier, nonces);
|
||||||
|
|
@ -263,21 +263,23 @@ pub fn check_sign<C: Ciphersuite + PartialEq, R: RngCore + CryptoRng>(
|
||||||
// Check that the threshold signature can be verified by the group public
|
// Check that the threshold signature can be verified by the group public
|
||||||
// key (the verification key).
|
// key (the verification key).
|
||||||
pubkey_package
|
pubkey_package
|
||||||
.group_public
|
.verifying_key
|
||||||
.verify(message, &group_signature)?;
|
.verify(message, &group_signature)?;
|
||||||
|
|
||||||
// Check that the threshold signature can be verified by the group public
|
// Check that the threshold signature can be verified by the group public
|
||||||
// key (the verification key) from KeyPackage.group_public
|
// key (the verification key) from KeyPackage.verifying_key
|
||||||
for (participant_identifier, _) in nonces_map.clone() {
|
for (participant_identifier, _) in nonces_map.clone() {
|
||||||
let key_package = key_packages.get(&participant_identifier).unwrap();
|
let key_package = key_packages.get(&participant_identifier).unwrap();
|
||||||
|
|
||||||
key_package.group_public.verify(message, &group_signature)?;
|
key_package
|
||||||
|
.verifying_key
|
||||||
|
.verify(message, &group_signature)?;
|
||||||
}
|
}
|
||||||
|
|
||||||
Ok((
|
Ok((
|
||||||
message.to_owned(),
|
message.to_owned(),
|
||||||
group_signature,
|
group_signature,
|
||||||
pubkey_package.group_public,
|
pubkey_package.verifying_key,
|
||||||
))
|
))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -311,10 +313,10 @@ fn check_aggregate_errors<C: Ciphersuite + PartialEq>(
|
||||||
signature_shares.clone(),
|
signature_shares.clone(),
|
||||||
pubkey_package.clone(),
|
pubkey_package.clone(),
|
||||||
);
|
);
|
||||||
check_aggregate_invalid_share_identifier_for_signer_pubkeys(
|
check_aggregate_invalid_share_identifier_for_verifying_shares(
|
||||||
signing_package.clone(),
|
signing_package,
|
||||||
signature_shares.clone(),
|
signature_shares,
|
||||||
pubkey_package.clone(),
|
pubkey_package,
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -336,7 +338,7 @@ fn check_aggregate_corrupted_share<C: Ciphersuite + PartialEq>(
|
||||||
/// Note that the SigningPackage part of the finding is not currently reachable
|
/// Note that the SigningPackage part of the finding is not currently reachable
|
||||||
/// since it's caught by `compute_lagrange_coefficient()`, and the Binding Factor
|
/// since it's caught by `compute_lagrange_coefficient()`, and the Binding Factor
|
||||||
/// part can't either since it's caught before by the PublicKeyPackage part.
|
/// part can't either since it's caught before by the PublicKeyPackage part.
|
||||||
fn check_aggregate_invalid_share_identifier_for_signer_pubkeys<C: Ciphersuite + PartialEq>(
|
fn check_aggregate_invalid_share_identifier_for_verifying_shares<C: Ciphersuite + PartialEq>(
|
||||||
signing_package: frost::SigningPackage<C>,
|
signing_package: frost::SigningPackage<C>,
|
||||||
mut signature_shares: HashMap<frost::Identifier<C>, frost::round2::SignatureShare<C>>,
|
mut signature_shares: HashMap<frost::Identifier<C>, frost::round2::SignatureShare<C>>,
|
||||||
pubkey_package: frost::keys::PublicKeyPackage<C>,
|
pubkey_package: frost::keys::PublicKeyPackage<C>,
|
||||||
|
|
@ -467,7 +469,7 @@ where
|
||||||
// Used by the signing test that follows.
|
// Used by the signing test that follows.
|
||||||
let mut verifying_keys = HashMap::new();
|
let mut verifying_keys = HashMap::new();
|
||||||
// The group public key, used by the signing test that follows.
|
// The group public key, used by the signing test that follows.
|
||||||
let mut group_public = None;
|
let mut verifying_key = None;
|
||||||
// For each participant, store the set of verifying keys they have computed.
|
// For each participant, store the set of verifying keys they have computed.
|
||||||
// This is used to check if the set is correct (the same) for all participants.
|
// This is used to check if the set is correct (the same) for all participants.
|
||||||
// In practice, if there is a Coordinator, only they need to store the set.
|
// In practice, if there is a Coordinator, only they need to store the set.
|
||||||
|
|
@ -493,12 +495,12 @@ where
|
||||||
&received_round2_packages[&participant_identifier],
|
&received_round2_packages[&participant_identifier],
|
||||||
)
|
)
|
||||||
.unwrap();
|
.unwrap();
|
||||||
verifying_keys.insert(participant_identifier, key_package.public);
|
verifying_keys.insert(participant_identifier, key_package.verifying_share);
|
||||||
// Test if all group_public are equal
|
// Test if all verifying_key are equal
|
||||||
if let Some(previous_group_public) = group_public {
|
if let Some(previous_verifying_key) = verifying_key {
|
||||||
assert_eq!(previous_group_public, key_package.group_public)
|
assert_eq!(previous_verifying_key, key_package.verifying_key)
|
||||||
}
|
}
|
||||||
group_public = Some(key_package.group_public);
|
verifying_key = Some(key_package.verifying_key);
|
||||||
key_packages.insert(participant_identifier, key_package);
|
key_packages.insert(participant_identifier, key_package);
|
||||||
pubkey_packages_by_participant
|
pubkey_packages_by_participant
|
||||||
.insert(participant_identifier, pubkey_package_for_participant);
|
.insert(participant_identifier, pubkey_package_for_participant);
|
||||||
|
|
@ -506,10 +508,10 @@ where
|
||||||
|
|
||||||
// Test if the set of verifying keys is correct for all participants.
|
// Test if the set of verifying keys is correct for all participants.
|
||||||
for verifying_keys_for_participant in pubkey_packages_by_participant.values() {
|
for verifying_keys_for_participant in pubkey_packages_by_participant.values() {
|
||||||
assert!(verifying_keys_for_participant.signer_pubkeys == verifying_keys);
|
assert!(verifying_keys_for_participant.verifying_shares == verifying_keys);
|
||||||
}
|
}
|
||||||
|
|
||||||
let pubkeys = frost::keys::PublicKeyPackage::new(verifying_keys, group_public.unwrap());
|
let pubkeys = frost::keys::PublicKeyPackage::new(verifying_keys, verifying_key.unwrap());
|
||||||
|
|
||||||
// Proceed with the signing test.
|
// Proceed with the signing test.
|
||||||
check_sign(min_signers, key_packages, rng, pubkeys).unwrap()
|
check_sign(min_signers, key_packages, rng, pubkeys).unwrap()
|
||||||
|
|
@ -713,7 +715,7 @@ pub fn check_sign_with_missing_identifier<C: Ciphersuite, R: RngCore + CryptoRng
|
||||||
key_packages
|
key_packages
|
||||||
.get(&participant_identifier)
|
.get(&participant_identifier)
|
||||||
.unwrap()
|
.unwrap()
|
||||||
.secret_share(),
|
.signing_share(),
|
||||||
&mut rng,
|
&mut rng,
|
||||||
);
|
);
|
||||||
nonces_map.insert(participant_identifier, nonces);
|
nonces_map.insert(participant_identifier, nonces);
|
||||||
|
|
@ -786,13 +788,13 @@ pub fn check_sign_with_incorrect_commitments<C: Ciphersuite, R: RngCore + Crypto
|
||||||
// let key_packages_inc = vec![id_1, id_2, id_3];
|
// let key_packages_inc = vec![id_1, id_2, id_3];
|
||||||
|
|
||||||
let (_nonces_1, commitments_1) =
|
let (_nonces_1, commitments_1) =
|
||||||
frost::round1::commit(key_packages[&id_1].secret_share(), &mut rng);
|
frost::round1::commit(key_packages[&id_1].signing_share(), &mut rng);
|
||||||
|
|
||||||
let (_nonces_2, commitments_2) =
|
let (_nonces_2, commitments_2) =
|
||||||
frost::round1::commit(key_packages[&id_2].secret_share(), &mut rng);
|
frost::round1::commit(key_packages[&id_2].signing_share(), &mut rng);
|
||||||
|
|
||||||
let (nonces_3, _commitments_3) =
|
let (nonces_3, _commitments_3) =
|
||||||
frost::round1::commit(key_packages[&id_3].secret_share(), &mut rng);
|
frost::round1::commit(key_packages[&id_3].signing_share(), &mut rng);
|
||||||
|
|
||||||
commitments_map.insert(id_1, commitments_1);
|
commitments_map.insert(id_1, commitments_1);
|
||||||
commitments_map.insert(id_2, commitments_2);
|
commitments_map.insert(id_2, commitments_2);
|
||||||
|
|
|
||||||
|
|
@ -89,7 +89,7 @@ pub fn check_rts<C: Ciphersuite, R: RngCore + CryptoRng>(mut rng: R) {
|
||||||
);
|
);
|
||||||
|
|
||||||
// TODO: assert on commitment equality as well once updates have been made to VerifiableSecretSharingCommitment
|
// TODO: assert on commitment equality as well once updates have been made to VerifiableSecretSharingCommitment
|
||||||
assert!(participant.secret() == participant_recovered_share.secret())
|
assert!(participant.signing_share() == participant_recovered_share.signing_share())
|
||||||
}
|
}
|
||||||
|
|
||||||
fn generate_scalar_from_byte_string<C: Ciphersuite>(
|
fn generate_scalar_from_byte_string<C: Ciphersuite>(
|
||||||
|
|
@ -144,7 +144,7 @@ pub fn check_repair_share_step_1<C: Ciphersuite, R: RngCore + CryptoRng>(mut rng
|
||||||
rhs = rhs + v;
|
rhs = rhs + v;
|
||||||
}
|
}
|
||||||
|
|
||||||
let lhs = lagrange_coefficient * helper_4.value.0;
|
let lhs = lagrange_coefficient * helper_4.signing_share.0;
|
||||||
|
|
||||||
assert!(lhs == rhs)
|
assert!(lhs == rhs)
|
||||||
}
|
}
|
||||||
|
|
@ -208,7 +208,7 @@ pub fn check_repair_share_step_3<C: Ciphersuite, R: RngCore + CryptoRng>(
|
||||||
commitment,
|
commitment,
|
||||||
);
|
);
|
||||||
|
|
||||||
assert!(actual.value == expected.value);
|
assert!(actual.signing_share == expected.signing_share);
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Test repair share step 1 fails with invalid numbers of signers.
|
/// Test repair share step 1 fails with invalid numbers of signers.
|
||||||
|
|
|
||||||
|
|
@ -13,7 +13,7 @@ use crate::{
|
||||||
/// Test vectors for a ciphersuite.
|
/// Test vectors for a ciphersuite.
|
||||||
pub struct TestVectors<C: Ciphersuite> {
|
pub struct TestVectors<C: Ciphersuite> {
|
||||||
secret_key: SigningKey<C>,
|
secret_key: SigningKey<C>,
|
||||||
group_public: VerifyingKey<C>,
|
verifying_key: VerifyingKey<C>,
|
||||||
key_packages: HashMap<Identifier<C>, KeyPackage<C>>,
|
key_packages: HashMap<Identifier<C>, KeyPackage<C>>,
|
||||||
message_bytes: Vec<u8>,
|
message_bytes: Vec<u8>,
|
||||||
share_polynomial_coefficients: Vec<Scalar<C>>,
|
share_polynomial_coefficients: Vec<Scalar<C>>,
|
||||||
|
|
@ -57,8 +57,8 @@ pub fn parse_test_vectors<C: Ciphersuite>(json_vectors: &Value) -> TestVectors<C
|
||||||
.unwrap()
|
.unwrap()
|
||||||
.iter();
|
.iter();
|
||||||
|
|
||||||
let group_public =
|
let verifying_key =
|
||||||
VerifyingKey::<C>::from_hex(inputs["group_public_key"].as_str().unwrap()).unwrap();
|
VerifyingKey::<C>::from_hex(inputs["verifying_key_key"].as_str().unwrap()).unwrap();
|
||||||
|
|
||||||
for secret_share in possible_participants {
|
for secret_share in possible_participants {
|
||||||
let i = secret_share["identifier"].as_u64().unwrap() as u16;
|
let i = secret_share["identifier"].as_u64().unwrap() as u16;
|
||||||
|
|
@ -72,7 +72,7 @@ pub fn parse_test_vectors<C: Ciphersuite>(json_vectors: &Value) -> TestVectors<C
|
||||||
i.try_into().unwrap(),
|
i.try_into().unwrap(),
|
||||||
secret,
|
secret,
|
||||||
signer_public,
|
signer_public,
|
||||||
group_public,
|
verifying_key,
|
||||||
min_signers as u16,
|
min_signers as u16,
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
@ -154,7 +154,7 @@ pub fn parse_test_vectors<C: Ciphersuite>(json_vectors: &Value) -> TestVectors<C
|
||||||
|
|
||||||
TestVectors {
|
TestVectors {
|
||||||
secret_key,
|
secret_key,
|
||||||
group_public,
|
verifying_key,
|
||||||
key_packages,
|
key_packages,
|
||||||
message_bytes,
|
message_bytes,
|
||||||
share_polynomial_coefficients,
|
share_polynomial_coefficients,
|
||||||
|
|
@ -173,7 +173,7 @@ pub fn parse_test_vectors<C: Ciphersuite>(json_vectors: &Value) -> TestVectors<C
|
||||||
pub fn check_sign_with_test_vectors<C: Ciphersuite>(json_vectors: &Value) {
|
pub fn check_sign_with_test_vectors<C: Ciphersuite>(json_vectors: &Value) {
|
||||||
let TestVectors {
|
let TestVectors {
|
||||||
secret_key,
|
secret_key,
|
||||||
group_public,
|
verifying_key,
|
||||||
key_packages,
|
key_packages,
|
||||||
message_bytes,
|
message_bytes,
|
||||||
share_polynomial_coefficients,
|
share_polynomial_coefficients,
|
||||||
|
|
@ -208,12 +208,12 @@ pub fn check_sign_with_test_vectors<C: Ciphersuite>(json_vectors: &Value) {
|
||||||
|
|
||||||
for key_package in key_packages.values() {
|
for key_package in key_packages.values() {
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
*key_package.public(),
|
*key_package.verifying_share(),
|
||||||
frost::keys::VerifyingShare::from(*key_package.secret_share())
|
frost::keys::VerifyingShare::from(*key_package.signing_share())
|
||||||
);
|
);
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
key_package.secret_share(),
|
key_package.signing_share(),
|
||||||
secret_shares[key_package.identifier()].secret()
|
secret_shares[key_package.identifier()].signing_share()
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -225,7 +225,7 @@ pub fn check_sign_with_test_vectors<C: Ciphersuite>(json_vectors: &Value) {
|
||||||
let nonces = signer_nonces.get(&i).unwrap();
|
let nonces = signer_nonces.get(&i).unwrap();
|
||||||
|
|
||||||
// compute nonces from secret and randomness
|
// compute nonces from secret and randomness
|
||||||
let secret = secret_shares[&i].secret();
|
let secret = secret_shares[&i].signing_share();
|
||||||
|
|
||||||
let hiding_nonce_randomness = &hiding_nonces_randomness[&i];
|
let hiding_nonce_randomness = &hiding_nonces_randomness[&i];
|
||||||
let hiding_nonce = Nonce::nonce_generate_from_random_bytes(
|
let hiding_nonce = Nonce::nonce_generate_from_random_bytes(
|
||||||
|
|
@ -262,14 +262,14 @@ pub fn check_sign_with_test_vectors<C: Ciphersuite>(json_vectors: &Value) {
|
||||||
let signing_package = frost::SigningPackage::new(signer_commitments, &message_bytes);
|
let signing_package = frost::SigningPackage::new(signer_commitments, &message_bytes);
|
||||||
|
|
||||||
for (identifier, input) in signing_package
|
for (identifier, input) in signing_package
|
||||||
.binding_factor_preimages(&group_public, &[])
|
.binding_factor_preimages(&verifying_key, &[])
|
||||||
.iter()
|
.iter()
|
||||||
{
|
{
|
||||||
assert_eq!(*input, binding_factor_inputs[identifier]);
|
assert_eq!(*input, binding_factor_inputs[identifier]);
|
||||||
}
|
}
|
||||||
|
|
||||||
let binding_factor_list: frost::BindingFactorList<C> =
|
let binding_factor_list: frost::BindingFactorList<C> =
|
||||||
compute_binding_factor_list(&signing_package, &group_public, &[]);
|
compute_binding_factor_list(&signing_package, &verifying_key, &[]);
|
||||||
|
|
||||||
for (identifier, binding_factor) in binding_factor_list.iter() {
|
for (identifier, binding_factor) in binding_factor_list.iter() {
|
||||||
assert_eq!(*binding_factor, binding_factors[identifier]);
|
assert_eq!(*binding_factor, binding_factors[identifier]);
|
||||||
|
|
@ -290,12 +290,12 @@ pub fn check_sign_with_test_vectors<C: Ciphersuite>(json_vectors: &Value) {
|
||||||
|
|
||||||
assert_eq!(our_signature_shares, signature_shares);
|
assert_eq!(our_signature_shares, signature_shares);
|
||||||
|
|
||||||
let signer_pubkeys = key_packages
|
let verifying_shares = key_packages
|
||||||
.into_iter()
|
.into_iter()
|
||||||
.map(|(i, key_package)| (i, *key_package.public()))
|
.map(|(i, key_package)| (i, *key_package.verifying_share()))
|
||||||
.collect();
|
.collect();
|
||||||
|
|
||||||
let pubkey_package = frost::keys::PublicKeyPackage::new(signer_pubkeys, group_public);
|
let pubkey_package = frost::keys::PublicKeyPackage::new(verifying_shares, verifying_key);
|
||||||
|
|
||||||
////////////////////////////////////////////////////////////////////////////
|
////////////////////////////////////////////////////////////////////////////
|
||||||
// Aggregation: collects the signing shares from all participants,
|
// Aggregation: collects the signing shares from all participants,
|
||||||
|
|
|
||||||
|
|
@ -52,7 +52,7 @@ for participant_index in 1..(min_signers as u16 + 1) {
|
||||||
// participant, up to _threshold_.
|
// participant, up to _threshold_.
|
||||||
# // ANCHOR: round1_commit
|
# // ANCHOR: round1_commit
|
||||||
let (nonces, commitments) = frost::round1::commit(
|
let (nonces, commitments) = frost::round1::commit(
|
||||||
key_packages[&participant_identifier].secret_share(),
|
key_packages[&participant_identifier].signing_share(),
|
||||||
&mut rng,
|
&mut rng,
|
||||||
);
|
);
|
||||||
# // ANCHOR_END: round1_commit
|
# // ANCHOR_END: round1_commit
|
||||||
|
|
@ -111,7 +111,7 @@ let group_signature = frost::aggregate(&signing_package, &signature_shares, &pub
|
||||||
// key (the verification key).
|
// key (the verification key).
|
||||||
# // ANCHOR: verify
|
# // ANCHOR: verify
|
||||||
let is_signature_valid = pubkey_package
|
let is_signature_valid = pubkey_package
|
||||||
.group_public()
|
.verifying_key()
|
||||||
.verify(message, &group_signature)
|
.verify(message, &group_signature)
|
||||||
.is_ok();
|
.is_ok();
|
||||||
# // ANCHOR_END: verify
|
# // ANCHOR_END: verify
|
||||||
|
|
|
||||||
|
|
@ -90,9 +90,9 @@ pub fn public_key_package() -> PublicKeyPackage {
|
||||||
let verifying_share = VerifyingShare::deserialize(serialized_element).unwrap();
|
let verifying_share = VerifyingShare::deserialize(serialized_element).unwrap();
|
||||||
let serialized_element = <C as Ciphersuite>::Group::serialize(&element1());
|
let serialized_element = <C as Ciphersuite>::Group::serialize(&element1());
|
||||||
let verifying_key = VerifyingKey::deserialize(serialized_element).unwrap();
|
let verifying_key = VerifyingKey::deserialize(serialized_element).unwrap();
|
||||||
let signer_pubkeys = HashMap::from([(identifier, verifying_share)]);
|
let verifying_shares = HashMap::from([(identifier, verifying_share)]);
|
||||||
|
|
||||||
PublicKeyPackage::new(signer_pubkeys, verifying_key)
|
PublicKeyPackage::new(verifying_shares, verifying_key)
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Generate a sample round1::Package.
|
/// Generate a sample round1::Package.
|
||||||
|
|
|
||||||
|
|
@ -14,7 +14,7 @@
|
||||||
257
|
257
|
||||||
],
|
],
|
||||||
"group_secret_key": "7b1c33d3f5291d85de664833beb1ad469f7fb6025a0ec78b3a790c6e13a98304",
|
"group_secret_key": "7b1c33d3f5291d85de664833beb1ad469f7fb6025a0ec78b3a790c6e13a98304",
|
||||||
"group_public_key": "15d21ccd7ee42959562fc8aa63224c8851fb3ec85a3faf66040d380fb9738673",
|
"verifying_key_key": "15d21ccd7ee42959562fc8aa63224c8851fb3ec85a3faf66040d380fb9738673",
|
||||||
"message": "74657374",
|
"message": "74657374",
|
||||||
"share_polynomial_coefficients": [
|
"share_polynomial_coefficients": [
|
||||||
"178199860edd8c62f5212ee91eff1295d0d670ab4ed4506866bae57e7030b204"
|
"178199860edd8c62f5212ee91eff1295d0d670ab4ed4506866bae57e7030b204"
|
||||||
|
|
|
||||||
|
|
@ -13,7 +13,7 @@
|
||||||
3
|
3
|
||||||
],
|
],
|
||||||
"group_secret_key": "7b1c33d3f5291d85de664833beb1ad469f7fb6025a0ec78b3a790c6e13a98304",
|
"group_secret_key": "7b1c33d3f5291d85de664833beb1ad469f7fb6025a0ec78b3a790c6e13a98304",
|
||||||
"group_public_key": "15d21ccd7ee42959562fc8aa63224c8851fb3ec85a3faf66040d380fb9738673",
|
"verifying_key_key": "15d21ccd7ee42959562fc8aa63224c8851fb3ec85a3faf66040d380fb9738673",
|
||||||
"message": "74657374",
|
"message": "74657374",
|
||||||
"share_polynomial_coefficients": [
|
"share_polynomial_coefficients": [
|
||||||
"178199860edd8c62f5212ee91eff1295d0d670ab4ed4506866bae57e7030b204"
|
"178199860edd8c62f5212ee91eff1295d0d670ab4ed4506866bae57e7030b204"
|
||||||
|
|
|
||||||
|
|
@ -54,7 +54,7 @@ fn check_secret_share_recreation() {
|
||||||
let secret_share = samples::secret_share();
|
let secret_share = samples::secret_share();
|
||||||
|
|
||||||
let identifier = secret_share.identifier();
|
let identifier = secret_share.identifier();
|
||||||
let value = secret_share.value();
|
let value = secret_share.signing_share();
|
||||||
let commitment = secret_share.commitment();
|
let commitment = secret_share.commitment();
|
||||||
|
|
||||||
let new_secret_share = SecretShare::new(*identifier, *value, commitment.clone());
|
let new_secret_share = SecretShare::new(*identifier, *value, commitment.clone());
|
||||||
|
|
@ -68,9 +68,9 @@ fn check_key_package_recreation() {
|
||||||
let key_package = samples::key_package();
|
let key_package = samples::key_package();
|
||||||
|
|
||||||
let identifier = key_package.identifier();
|
let identifier = key_package.identifier();
|
||||||
let signing_share = key_package.secret_share();
|
let signing_share = key_package.signing_share();
|
||||||
let verifying_share = key_package.public();
|
let verifying_share = key_package.verifying_share();
|
||||||
let verifying_key = key_package.group_public();
|
let verifying_key = key_package.verifying_key();
|
||||||
let min_signers = key_package.min_signers();
|
let min_signers = key_package.min_signers();
|
||||||
|
|
||||||
let new_key_package = KeyPackage::new(
|
let new_key_package = KeyPackage::new(
|
||||||
|
|
@ -89,10 +89,10 @@ fn check_key_package_recreation() {
|
||||||
fn check_public_key_package_recreation() {
|
fn check_public_key_package_recreation() {
|
||||||
let public_key_package = samples::public_key_package();
|
let public_key_package = samples::public_key_package();
|
||||||
|
|
||||||
let signer_pubkeys = public_key_package.signer_pubkeys();
|
let verifying_shares = public_key_package.verifying_shares();
|
||||||
let verifying_key = public_key_package.group_public();
|
let verifying_key = public_key_package.verifying_key();
|
||||||
|
|
||||||
let new_public_key_package = PublicKeyPackage::new(signer_pubkeys.clone(), *verifying_key);
|
let new_public_key_package = PublicKeyPackage::new(verifying_shares.clone(), *verifying_key);
|
||||||
|
|
||||||
assert!(public_key_package == new_public_key_package);
|
assert!(public_key_package == new_public_key_package);
|
||||||
}
|
}
|
||||||
|
|
@ -115,7 +115,7 @@ fn check_round1_package_recreation() {
|
||||||
fn check_round2_package_recreation() {
|
fn check_round2_package_recreation() {
|
||||||
let round2_package = samples::round2_package();
|
let round2_package = samples::round2_package();
|
||||||
|
|
||||||
let signing_share = round2_package.secret_share();
|
let signing_share = round2_package.signing_share();
|
||||||
|
|
||||||
let new_round2_package = round2::Package::new(*signing_share);
|
let new_round2_package = round2::Package::new(*signing_share);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -212,7 +212,7 @@ fn check_secret_share_serialization() {
|
||||||
|
|
||||||
let json = r#"{
|
let json = r#"{
|
||||||
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
||||||
"value": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
"signing_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
||||||
"commitment": [
|
"commitment": [
|
||||||
"5866666666666666666666666666666666666666666666666666666666666666"
|
"5866666666666666666666666666666666666666666666666666666666666666"
|
||||||
],
|
],
|
||||||
|
|
@ -227,7 +227,7 @@ fn check_secret_share_serialization() {
|
||||||
// Invalid identifier
|
// Invalid identifier
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "0000000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "0000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"value": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
"signing_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
||||||
"commitment": [
|
"commitment": [
|
||||||
"5866666666666666666666666666666666666666666666666666666666666666"
|
"5866666666666666666666666666666666666666666666666666666666666666"
|
||||||
],
|
],
|
||||||
|
|
@ -259,7 +259,7 @@ fn check_secret_share_serialization() {
|
||||||
// Extra field
|
// Extra field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
||||||
"value": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
"signing_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
||||||
"commitment": [
|
"commitment": [
|
||||||
"5866666666666666666666666666666666666666666666666666666666666666"
|
"5866666666666666666666666666666666666666666666666666666666666666"
|
||||||
],
|
],
|
||||||
|
|
@ -281,9 +281,9 @@ fn check_key_package_serialization() {
|
||||||
|
|
||||||
let json = r#"{
|
let json = r#"{
|
||||||
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
||||||
"secret_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
"signing_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
||||||
"public": "5866666666666666666666666666666666666666666666666666666666666666",
|
"verifying_share": "5866666666666666666666666666666666666666666666666666666666666666",
|
||||||
"group_public": "5866666666666666666666666666666666666666666666666666666666666666",
|
"verifying_key": "5866666666666666666666666666666666666666666666666666666666666666",
|
||||||
"min_signers": 2,
|
"min_signers": 2,
|
||||||
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
||||||
}"#;
|
}"#;
|
||||||
|
|
@ -296,9 +296,9 @@ fn check_key_package_serialization() {
|
||||||
// Invalid identifier
|
// Invalid identifier
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "0000000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "0000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"secret_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
"signing_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
||||||
"public": "5866666666666666666666666666666666666666666666666666666666666666",
|
"verifying_share": "5866666666666666666666666666666666666666666666666666666666666666",
|
||||||
"group_public": "5866666666666666666666666666666666666666666666666666666666666666",
|
"verifying_key": "5866666666666666666666666666666666666666666666666666666666666666",
|
||||||
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
||||||
}"#;
|
}"#;
|
||||||
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
||||||
|
|
@ -307,8 +307,8 @@ fn check_key_package_serialization() {
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
||||||
"foo": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
"foo": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
||||||
"public": "5866666666666666666666666666666666666666666666666666666666666666",
|
"verifying_share": "5866666666666666666666666666666666666666666666666666666666666666",
|
||||||
"group_public": "5866666666666666666666666666666666666666666666666666666666666666",
|
"verifying_key": "5866666666666666666666666666666666666666666666666666666666666666",
|
||||||
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
||||||
}"#;
|
}"#;
|
||||||
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
||||||
|
|
@ -316,8 +316,8 @@ fn check_key_package_serialization() {
|
||||||
// Missing field
|
// Missing field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
||||||
"public": "5866666666666666666666666666666666666666666666666666666666666666",
|
"verifying_share": "5866666666666666666666666666666666666666666666666666666666666666",
|
||||||
"group_public": "5866666666666666666666666666666666666666666666666666666666666666",
|
"verifying_key": "5866666666666666666666666666666666666666666666666666666666666666",
|
||||||
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
||||||
}"#;
|
}"#;
|
||||||
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
||||||
|
|
@ -325,9 +325,9 @@ fn check_key_package_serialization() {
|
||||||
// Extra field
|
// Extra field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
||||||
"secret_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
"signing_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
||||||
"public": "5866666666666666666666666666666666666666666666666666666666666666",
|
"verifying_share": "5866666666666666666666666666666666666666666666666666666666666666",
|
||||||
"group_public": "5866666666666666666666666666666666666666666666666666666666666666",
|
"verifying_key": "5866666666666666666666666666666666666666666666666666666666666666",
|
||||||
"extra_field": 1,
|
"extra_field": 1,
|
||||||
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
||||||
}"#;
|
}"#;
|
||||||
|
|
@ -345,10 +345,10 @@ fn check_public_key_package_serialization() {
|
||||||
assert!(public_key_package == decoded_public_key_package);
|
assert!(public_key_package == decoded_public_key_package);
|
||||||
|
|
||||||
let json = r#"{
|
let json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"2a00000000000000000000000000000000000000000000000000000000000000": "5866666666666666666666666666666666666666666666666666666666666666"
|
"2a00000000000000000000000000000000000000000000000000000000000000": "5866666666666666666666666666666666666666666666666666666666666666"
|
||||||
},
|
},
|
||||||
"group_public": "5866666666666666666666666666666666666666666666666666666666666666",
|
"verifying_key": "5866666666666666666666666666666666666666666666666666666666666666",
|
||||||
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
||||||
}"#;
|
}"#;
|
||||||
let decoded_public_key_package: PublicKeyPackage = serde_json::from_str(json).unwrap();
|
let decoded_public_key_package: PublicKeyPackage = serde_json::from_str(json).unwrap();
|
||||||
|
|
@ -359,17 +359,17 @@ fn check_public_key_package_serialization() {
|
||||||
|
|
||||||
// Invalid identifier
|
// Invalid identifier
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"0000000000000000000000000000000000000000000000000000000000000000": "5866666666666666666666666666666666666666666666666666666666666666"
|
"0000000000000000000000000000000000000000000000000000000000000000": "5866666666666666666666666666666666666666666666666666666666666666"
|
||||||
},
|
},
|
||||||
"group_public": "5866666666666666666666666666666666666666666666666666666666666666",
|
"verifying_key": "5866666666666666666666666666666666666666666666666666666666666666",
|
||||||
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
||||||
}"#;
|
}"#;
|
||||||
assert!(serde_json::from_str::<PublicKeyPackage>(invalid_json).is_err());
|
assert!(serde_json::from_str::<PublicKeyPackage>(invalid_json).is_err());
|
||||||
|
|
||||||
// Invalid field
|
// Invalid field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"2a00000000000000000000000000000000000000000000000000000000000000": "5866666666666666666666666666666666666666666666666666666666666666"
|
"2a00000000000000000000000000000000000000000000000000000000000000": "5866666666666666666666666666666666666666666666666666666666666666"
|
||||||
},
|
},
|
||||||
"foo": "5866666666666666666666666666666666666666666666666666666666666666",
|
"foo": "5866666666666666666666666666666666666666666666666666666666666666",
|
||||||
|
|
@ -379,7 +379,7 @@ fn check_public_key_package_serialization() {
|
||||||
|
|
||||||
// Missing field
|
// Missing field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"2a00000000000000000000000000000000000000000000000000000000000000": "5866666666666666666666666666666666666666666666666666666666666666"
|
"2a00000000000000000000000000000000000000000000000000000000000000": "5866666666666666666666666666666666666666666666666666666666666666"
|
||||||
},
|
},
|
||||||
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
||||||
|
|
@ -388,10 +388,10 @@ fn check_public_key_package_serialization() {
|
||||||
|
|
||||||
// Extra field
|
// Extra field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"2a00000000000000000000000000000000000000000000000000000000000000": "5866666666666666666666666666666666666666666666666666666666666666"
|
"2a00000000000000000000000000000000000000000000000000000000000000": "5866666666666666666666666666666666666666666666666666666666666666"
|
||||||
},
|
},
|
||||||
"group_public": "5866666666666666666666666666666666666666666666666666666666666666",
|
"verifying_key": "5866666666666666666666666666666666666666666666666666666666666666",
|
||||||
"extra": 1,
|
"extra": 1,
|
||||||
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
||||||
}"#;
|
}"#;
|
||||||
|
|
@ -463,7 +463,7 @@ fn check_round2_package_serialization() {
|
||||||
assert!(round2_package == decoded_round2_package);
|
assert!(round2_package == decoded_round2_package);
|
||||||
|
|
||||||
let json = r#"{
|
let json = r#"{
|
||||||
"secret_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
"signing_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
||||||
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
||||||
}"#;
|
}"#;
|
||||||
let decoded_round2_package: round2::Package = serde_json::from_str(json).unwrap();
|
let decoded_round2_package: round2::Package = serde_json::from_str(json).unwrap();
|
||||||
|
|
@ -487,7 +487,7 @@ fn check_round2_package_serialization() {
|
||||||
|
|
||||||
// Extra field
|
// Extra field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"secret_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
"signing_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
||||||
"extra": 1,
|
"extra": 1,
|
||||||
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
"ciphersuite": "FROST(Ed25519, SHA-512)"
|
||||||
}"#;
|
}"#;
|
||||||
|
|
|
||||||
|
|
@ -52,7 +52,7 @@ for participant_index in 1..(min_signers as u16 + 1) {
|
||||||
// participant, up to _threshold_.
|
// participant, up to _threshold_.
|
||||||
# // ANCHOR: round1_commit
|
# // ANCHOR: round1_commit
|
||||||
let (nonces, commitments) = frost::round1::commit(
|
let (nonces, commitments) = frost::round1::commit(
|
||||||
key_packages[&participant_identifier].secret_share(),
|
key_packages[&participant_identifier].signing_share(),
|
||||||
&mut rng,
|
&mut rng,
|
||||||
);
|
);
|
||||||
# // ANCHOR_END: round1_commit
|
# // ANCHOR_END: round1_commit
|
||||||
|
|
@ -111,7 +111,7 @@ let group_signature = frost::aggregate(&signing_package, &signature_shares, &pub
|
||||||
// key (the verification key).
|
// key (the verification key).
|
||||||
# // ANCHOR: verify
|
# // ANCHOR: verify
|
||||||
let is_signature_valid = pubkey_package
|
let is_signature_valid = pubkey_package
|
||||||
.group_public()
|
.verifying_key()
|
||||||
.verify(message, &group_signature)
|
.verify(message, &group_signature)
|
||||||
.is_ok();
|
.is_ok();
|
||||||
# // ANCHOR_END: verify
|
# // ANCHOR_END: verify
|
||||||
|
|
|
||||||
|
|
@ -90,9 +90,9 @@ pub fn public_key_package() -> PublicKeyPackage {
|
||||||
let verifying_share = VerifyingShare::deserialize(serialized_element).unwrap();
|
let verifying_share = VerifyingShare::deserialize(serialized_element).unwrap();
|
||||||
let serialized_element = <C as Ciphersuite>::Group::serialize(&element1());
|
let serialized_element = <C as Ciphersuite>::Group::serialize(&element1());
|
||||||
let verifying_key = VerifyingKey::deserialize(serialized_element).unwrap();
|
let verifying_key = VerifyingKey::deserialize(serialized_element).unwrap();
|
||||||
let signer_pubkeys = HashMap::from([(identifier, verifying_share)]);
|
let verifying_shares = HashMap::from([(identifier, verifying_share)]);
|
||||||
|
|
||||||
PublicKeyPackage::new(signer_pubkeys, verifying_key)
|
PublicKeyPackage::new(verifying_shares, verifying_key)
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Generate a sample round1::Package.
|
/// Generate a sample round1::Package.
|
||||||
|
|
|
||||||
|
|
@ -14,7 +14,7 @@
|
||||||
257
|
257
|
||||||
],
|
],
|
||||||
"group_secret_key": "6298e1eef3c379392caaed061ed8a31033c9e9e3420726f23b404158a401cd9df24632adfe6b418dc942d8a091817dd8bd70e1c72ba52f3c00",
|
"group_secret_key": "6298e1eef3c379392caaed061ed8a31033c9e9e3420726f23b404158a401cd9df24632adfe6b418dc942d8a091817dd8bd70e1c72ba52f3c00",
|
||||||
"group_public_key": "3832f82fda00ff5365b0376df705675b63d2a93c24c6e81d40801ba265632be10f443f95968fadb70d10786827f30dc001c8d0f9b7c1d1b000",
|
"verifying_key_key": "3832f82fda00ff5365b0376df705675b63d2a93c24c6e81d40801ba265632be10f443f95968fadb70d10786827f30dc001c8d0f9b7c1d1b000",
|
||||||
"message": "74657374",
|
"message": "74657374",
|
||||||
"share_polynomial_coefficients": [
|
"share_polynomial_coefficients": [
|
||||||
"dbd7a514f7a731976620f0436bd135fe8dddc3fadd6e0d13dbd58a1981e587d377d48e0b7ce4e0092967c5e85884d0275a7a740b6abdcd0500"
|
"dbd7a514f7a731976620f0436bd135fe8dddc3fadd6e0d13dbd58a1981e587d377d48e0b7ce4e0092967c5e85884d0275a7a740b6abdcd0500"
|
||||||
|
|
|
||||||
|
|
@ -13,7 +13,7 @@
|
||||||
3
|
3
|
||||||
],
|
],
|
||||||
"group_secret_key": "6298e1eef3c379392caaed061ed8a31033c9e9e3420726f23b404158a401cd9df24632adfe6b418dc942d8a091817dd8bd70e1c72ba52f3c00",
|
"group_secret_key": "6298e1eef3c379392caaed061ed8a31033c9e9e3420726f23b404158a401cd9df24632adfe6b418dc942d8a091817dd8bd70e1c72ba52f3c00",
|
||||||
"group_public_key": "3832f82fda00ff5365b0376df705675b63d2a93c24c6e81d40801ba265632be10f443f95968fadb70d10786827f30dc001c8d0f9b7c1d1b000",
|
"verifying_key_key": "3832f82fda00ff5365b0376df705675b63d2a93c24c6e81d40801ba265632be10f443f95968fadb70d10786827f30dc001c8d0f9b7c1d1b000",
|
||||||
"message": "74657374",
|
"message": "74657374",
|
||||||
"share_polynomial_coefficients": [
|
"share_polynomial_coefficients": [
|
||||||
"dbd7a514f7a731976620f0436bd135fe8dddc3fadd6e0d13dbd58a1981e587d377d48e0b7ce4e0092967c5e85884d0275a7a740b6abdcd0500"
|
"dbd7a514f7a731976620f0436bd135fe8dddc3fadd6e0d13dbd58a1981e587d377d48e0b7ce4e0092967c5e85884d0275a7a740b6abdcd0500"
|
||||||
|
|
|
||||||
|
|
@ -54,7 +54,7 @@ fn check_secret_share_recreation() {
|
||||||
let secret_share = samples::secret_share();
|
let secret_share = samples::secret_share();
|
||||||
|
|
||||||
let identifier = secret_share.identifier();
|
let identifier = secret_share.identifier();
|
||||||
let value = secret_share.value();
|
let value = secret_share.signing_share();
|
||||||
let commitment = secret_share.commitment();
|
let commitment = secret_share.commitment();
|
||||||
|
|
||||||
let new_secret_share = SecretShare::new(*identifier, *value, commitment.clone());
|
let new_secret_share = SecretShare::new(*identifier, *value, commitment.clone());
|
||||||
|
|
@ -68,9 +68,9 @@ fn check_key_package_recreation() {
|
||||||
let key_package = samples::key_package();
|
let key_package = samples::key_package();
|
||||||
|
|
||||||
let identifier = key_package.identifier();
|
let identifier = key_package.identifier();
|
||||||
let signing_share = key_package.secret_share();
|
let signing_share = key_package.signing_share();
|
||||||
let verifying_share = key_package.public();
|
let verifying_share = key_package.verifying_share();
|
||||||
let verifying_key = key_package.group_public();
|
let verifying_key = key_package.verifying_key();
|
||||||
let min_signers = key_package.min_signers();
|
let min_signers = key_package.min_signers();
|
||||||
|
|
||||||
let new_key_package = KeyPackage::new(
|
let new_key_package = KeyPackage::new(
|
||||||
|
|
@ -89,10 +89,10 @@ fn check_key_package_recreation() {
|
||||||
fn check_public_key_package_recreation() {
|
fn check_public_key_package_recreation() {
|
||||||
let public_key_package = samples::public_key_package();
|
let public_key_package = samples::public_key_package();
|
||||||
|
|
||||||
let signer_pubkeys = public_key_package.signer_pubkeys();
|
let verifying_shares = public_key_package.verifying_shares();
|
||||||
let verifying_key = public_key_package.group_public();
|
let verifying_key = public_key_package.verifying_key();
|
||||||
|
|
||||||
let new_public_key_package = PublicKeyPackage::new(signer_pubkeys.clone(), *verifying_key);
|
let new_public_key_package = PublicKeyPackage::new(verifying_shares.clone(), *verifying_key);
|
||||||
|
|
||||||
assert!(public_key_package == new_public_key_package);
|
assert!(public_key_package == new_public_key_package);
|
||||||
}
|
}
|
||||||
|
|
@ -115,7 +115,7 @@ fn check_round1_package_recreation() {
|
||||||
fn check_round2_package_recreation() {
|
fn check_round2_package_recreation() {
|
||||||
let round2_package = samples::round2_package();
|
let round2_package = samples::round2_package();
|
||||||
|
|
||||||
let signing_share = round2_package.secret_share();
|
let signing_share = round2_package.signing_share();
|
||||||
|
|
||||||
let new_round2_package = round2::Package::new(*signing_share);
|
let new_round2_package = round2::Package::new(*signing_share);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -212,7 +212,7 @@ fn check_secret_share_serialization() {
|
||||||
|
|
||||||
let json = r#"{
|
let json = r#"{
|
||||||
"identifier": "2a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "2a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"value": "4d83e51cb78150c2380ad9b3a18148166024e4c9db3cdf82466d3153aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa2a00",
|
"signing_share": "4d83e51cb78150c2380ad9b3a18148166024e4c9db3cdf82466d3153aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa2a00",
|
||||||
"commitment": [
|
"commitment": [
|
||||||
"14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900"
|
"14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900"
|
||||||
],
|
],
|
||||||
|
|
@ -227,7 +227,7 @@ fn check_secret_share_serialization() {
|
||||||
// Invalid identifier
|
// Invalid identifier
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "0000000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "0000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"value": "4d83e51cb78150c2380ad9b3a18148166024e4c9db3cdf82466d3153aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa2a00",
|
"signing_share": "4d83e51cb78150c2380ad9b3a18148166024e4c9db3cdf82466d3153aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa2a00",
|
||||||
"commitment": [
|
"commitment": [
|
||||||
"14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900"
|
"14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900"
|
||||||
],
|
],
|
||||||
|
|
@ -259,7 +259,7 @@ fn check_secret_share_serialization() {
|
||||||
// Extra field
|
// Extra field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "2a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "2a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"value": "4d83e51cb78150c2380ad9b3a18148166024e4c9db3cdf82466d3153aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa2a00",
|
"signing_share": "4d83e51cb78150c2380ad9b3a18148166024e4c9db3cdf82466d3153aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa2a00",
|
||||||
"commitment": [
|
"commitment": [
|
||||||
"14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900"
|
"14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900"
|
||||||
],
|
],
|
||||||
|
|
@ -281,9 +281,9 @@ fn check_key_package_serialization() {
|
||||||
|
|
||||||
let json = r#"{
|
let json = r#"{
|
||||||
"identifier": "2a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "2a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"secret_share": "4d83e51cb78150c2380ad9b3a18148166024e4c9db3cdf82466d3153aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa2a00",
|
"signing_share": "4d83e51cb78150c2380ad9b3a18148166024e4c9db3cdf82466d3153aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa2a00",
|
||||||
"public": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
"verifying_share": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
||||||
"group_public": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
"verifying_key": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
||||||
"min_signers": 2,
|
"min_signers": 2,
|
||||||
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
||||||
}"#;
|
}"#;
|
||||||
|
|
@ -296,9 +296,9 @@ fn check_key_package_serialization() {
|
||||||
// Invalid identifier
|
// Invalid identifier
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "0000000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "0000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"secret_share": "4d83e51cb78150c2380ad9b3a18148166024e4c9db3cdf82466d3153aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa2a00",
|
"signing_share": "4d83e51cb78150c2380ad9b3a18148166024e4c9db3cdf82466d3153aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa2a00",
|
||||||
"public": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
"verifying_share": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
||||||
"group_public": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
"verifying_key": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
||||||
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
||||||
}"#;
|
}"#;
|
||||||
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
||||||
|
|
@ -307,8 +307,8 @@ fn check_key_package_serialization() {
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "2a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "2a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"foo": "4d83e51cb78150c2380ad9b3a18148166024e4c9db3cdf82466d3153aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa2a00",
|
"foo": "4d83e51cb78150c2380ad9b3a18148166024e4c9db3cdf82466d3153aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa2a00",
|
||||||
"public": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
"verifying_share": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
||||||
"group_public": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
"verifying_key": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
||||||
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
||||||
}"#;
|
}"#;
|
||||||
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
||||||
|
|
@ -316,8 +316,8 @@ fn check_key_package_serialization() {
|
||||||
// Missing field
|
// Missing field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "2a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "2a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"public": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
"verifying_share": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
||||||
"group_public": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
"verifying_key": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
||||||
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
||||||
}"#;
|
}"#;
|
||||||
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
||||||
|
|
@ -325,9 +325,9 @@ fn check_key_package_serialization() {
|
||||||
// Extra field
|
// Extra field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "2a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "2a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"secret_share": "4d83e51cb78150c2380ad9b3a18148166024e4c9db3cdf82466d3153aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa2a00",
|
"signing_share": "4d83e51cb78150c2380ad9b3a18148166024e4c9db3cdf82466d3153aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa2a00",
|
||||||
"public": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
"verifying_share": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
||||||
"group_public": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
"verifying_key": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
||||||
"extra_field": 1,
|
"extra_field": 1,
|
||||||
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
||||||
}"#;
|
}"#;
|
||||||
|
|
@ -345,10 +345,10 @@ fn check_public_key_package_serialization() {
|
||||||
assert!(public_key_package == decoded_public_key_package);
|
assert!(public_key_package == decoded_public_key_package);
|
||||||
|
|
||||||
let json = r#"{
|
let json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"2a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900"
|
"2a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900"
|
||||||
},
|
},
|
||||||
"group_public": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
"verifying_key": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
||||||
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
||||||
}"#;
|
}"#;
|
||||||
let decoded_public_key_package: PublicKeyPackage = serde_json::from_str(json).unwrap();
|
let decoded_public_key_package: PublicKeyPackage = serde_json::from_str(json).unwrap();
|
||||||
|
|
@ -359,17 +359,17 @@ fn check_public_key_package_serialization() {
|
||||||
|
|
||||||
// Invalid identifier
|
// Invalid identifier
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"0000000000000000000000000000000000000000000000000000000000000000": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900"
|
"0000000000000000000000000000000000000000000000000000000000000000": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900"
|
||||||
},
|
},
|
||||||
"group_public": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
"verifying_key": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
||||||
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
||||||
}"#;
|
}"#;
|
||||||
assert!(serde_json::from_str::<PublicKeyPackage>(invalid_json).is_err());
|
assert!(serde_json::from_str::<PublicKeyPackage>(invalid_json).is_err());
|
||||||
|
|
||||||
// Invalid field
|
// Invalid field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"2a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900"
|
"2a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900"
|
||||||
},
|
},
|
||||||
"foo": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
"foo": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
||||||
|
|
@ -379,7 +379,7 @@ fn check_public_key_package_serialization() {
|
||||||
|
|
||||||
// Missing field
|
// Missing field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"2a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900"
|
"2a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900"
|
||||||
},
|
},
|
||||||
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
||||||
|
|
@ -388,10 +388,10 @@ fn check_public_key_package_serialization() {
|
||||||
|
|
||||||
// Extra field
|
// Extra field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"2a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900"
|
"2a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900"
|
||||||
},
|
},
|
||||||
"group_public": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
"verifying_key": "14fa30f25b790898adc8d74e2c13bdfdc4397ce61cffd33ad7c2a0051e9c78874098a36c7373ea4b62c7c9563720768824bcb66e71463f6900",
|
||||||
"extra": 1,
|
"extra": 1,
|
||||||
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
||||||
}"#;
|
}"#;
|
||||||
|
|
@ -463,7 +463,7 @@ fn check_round2_package_serialization() {
|
||||||
assert!(round2_package == decoded_round2_package);
|
assert!(round2_package == decoded_round2_package);
|
||||||
|
|
||||||
let json = r#"{
|
let json = r#"{
|
||||||
"secret_share": "4d83e51cb78150c2380ad9b3a18148166024e4c9db3cdf82466d3153aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa2a00",
|
"signing_share": "4d83e51cb78150c2380ad9b3a18148166024e4c9db3cdf82466d3153aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa2a00",
|
||||||
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
||||||
}"#;
|
}"#;
|
||||||
let decoded_round2_package: round2::Package = serde_json::from_str(json).unwrap();
|
let decoded_round2_package: round2::Package = serde_json::from_str(json).unwrap();
|
||||||
|
|
@ -487,7 +487,7 @@ fn check_round2_package_serialization() {
|
||||||
|
|
||||||
// Extra field
|
// Extra field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"secret_share": "4d83e51cb78150c2380ad9b3a18148166024e4c9db3cdf82466d3153aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa2a00",
|
"signing_share": "4d83e51cb78150c2380ad9b3a18148166024e4c9db3cdf82466d3153aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa2a00",
|
||||||
"extra": 1,
|
"extra": 1,
|
||||||
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
"ciphersuite": "FROST(Ed448, SHAKE256)"
|
||||||
}"#;
|
}"#;
|
||||||
|
|
|
||||||
|
|
@ -52,7 +52,7 @@ for participant_index in 1..(min_signers as u16 + 1) {
|
||||||
// participant, up to _threshold_.
|
// participant, up to _threshold_.
|
||||||
# // ANCHOR: round1_commit
|
# // ANCHOR: round1_commit
|
||||||
let (nonces, commitments) = frost::round1::commit(
|
let (nonces, commitments) = frost::round1::commit(
|
||||||
key_packages[&participant_identifier].secret_share(),
|
key_packages[&participant_identifier].signing_share(),
|
||||||
&mut rng,
|
&mut rng,
|
||||||
);
|
);
|
||||||
# // ANCHOR_END: round1_commit
|
# // ANCHOR_END: round1_commit
|
||||||
|
|
@ -111,7 +111,7 @@ let group_signature = frost::aggregate(&signing_package, &signature_shares, &pub
|
||||||
// key (the verification key).
|
// key (the verification key).
|
||||||
# // ANCHOR: verify
|
# // ANCHOR: verify
|
||||||
let is_signature_valid = pubkey_package
|
let is_signature_valid = pubkey_package
|
||||||
.group_public()
|
.verifying_key()
|
||||||
.verify(message, &group_signature)
|
.verify(message, &group_signature)
|
||||||
.is_ok();
|
.is_ok();
|
||||||
# // ANCHOR_END: verify
|
# // ANCHOR_END: verify
|
||||||
|
|
|
||||||
|
|
@ -90,9 +90,9 @@ pub fn public_key_package() -> PublicKeyPackage {
|
||||||
let verifying_share = VerifyingShare::deserialize(serialized_element).unwrap();
|
let verifying_share = VerifyingShare::deserialize(serialized_element).unwrap();
|
||||||
let serialized_element = <C as Ciphersuite>::Group::serialize(&element1());
|
let serialized_element = <C as Ciphersuite>::Group::serialize(&element1());
|
||||||
let verifying_key = VerifyingKey::deserialize(serialized_element).unwrap();
|
let verifying_key = VerifyingKey::deserialize(serialized_element).unwrap();
|
||||||
let signer_pubkeys = HashMap::from([(identifier, verifying_share)]);
|
let verifying_shares = HashMap::from([(identifier, verifying_share)]);
|
||||||
|
|
||||||
PublicKeyPackage::new(signer_pubkeys, verifying_key)
|
PublicKeyPackage::new(verifying_shares, verifying_key)
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Generate a sample round1::Package.
|
/// Generate a sample round1::Package.
|
||||||
|
|
|
||||||
|
|
@ -14,7 +14,7 @@
|
||||||
257
|
257
|
||||||
],
|
],
|
||||||
"group_secret_key": "8ba9bba2e0fd8c4767154d35a0b7562244a4aaf6f36c8fb8735fa48b301bd8de",
|
"group_secret_key": "8ba9bba2e0fd8c4767154d35a0b7562244a4aaf6f36c8fb8735fa48b301bd8de",
|
||||||
"group_public_key": "023a309ad94e9fe8a7ba45dfc58f38bf091959d3c99cfbd02b4dc00585ec45ab70",
|
"verifying_key_key": "023a309ad94e9fe8a7ba45dfc58f38bf091959d3c99cfbd02b4dc00585ec45ab70",
|
||||||
"message": "74657374",
|
"message": "74657374",
|
||||||
"share_polynomial_coefficients": [
|
"share_polynomial_coefficients": [
|
||||||
"80f25e6c0709353e46bfbe882a11bdbb1f8097e46340eb8673b7e14556e6c3a4"
|
"80f25e6c0709353e46bfbe882a11bdbb1f8097e46340eb8673b7e14556e6c3a4"
|
||||||
|
|
|
||||||
|
|
@ -13,7 +13,7 @@
|
||||||
3
|
3
|
||||||
],
|
],
|
||||||
"group_secret_key": "8ba9bba2e0fd8c4767154d35a0b7562244a4aaf6f36c8fb8735fa48b301bd8de",
|
"group_secret_key": "8ba9bba2e0fd8c4767154d35a0b7562244a4aaf6f36c8fb8735fa48b301bd8de",
|
||||||
"group_public_key": "023a309ad94e9fe8a7ba45dfc58f38bf091959d3c99cfbd02b4dc00585ec45ab70",
|
"verifying_key_key": "023a309ad94e9fe8a7ba45dfc58f38bf091959d3c99cfbd02b4dc00585ec45ab70",
|
||||||
"message": "74657374",
|
"message": "74657374",
|
||||||
"share_polynomial_coefficients": [
|
"share_polynomial_coefficients": [
|
||||||
"80f25e6c0709353e46bfbe882a11bdbb1f8097e46340eb8673b7e14556e6c3a4"
|
"80f25e6c0709353e46bfbe882a11bdbb1f8097e46340eb8673b7e14556e6c3a4"
|
||||||
|
|
|
||||||
|
|
@ -54,7 +54,7 @@ fn check_secret_share_recreation() {
|
||||||
let secret_share = samples::secret_share();
|
let secret_share = samples::secret_share();
|
||||||
|
|
||||||
let identifier = secret_share.identifier();
|
let identifier = secret_share.identifier();
|
||||||
let value = secret_share.value();
|
let value = secret_share.signing_share();
|
||||||
let commitment = secret_share.commitment();
|
let commitment = secret_share.commitment();
|
||||||
|
|
||||||
let new_secret_share = SecretShare::new(*identifier, *value, commitment.clone());
|
let new_secret_share = SecretShare::new(*identifier, *value, commitment.clone());
|
||||||
|
|
@ -68,9 +68,9 @@ fn check_key_package_recreation() {
|
||||||
let key_package = samples::key_package();
|
let key_package = samples::key_package();
|
||||||
|
|
||||||
let identifier = key_package.identifier();
|
let identifier = key_package.identifier();
|
||||||
let signing_share = key_package.secret_share();
|
let signing_share = key_package.signing_share();
|
||||||
let verifying_share = key_package.public();
|
let verifying_share = key_package.verifying_share();
|
||||||
let verifying_key = key_package.group_public();
|
let verifying_key = key_package.verifying_key();
|
||||||
let min_signers = key_package.min_signers();
|
let min_signers = key_package.min_signers();
|
||||||
|
|
||||||
let new_key_package = KeyPackage::new(
|
let new_key_package = KeyPackage::new(
|
||||||
|
|
@ -89,10 +89,10 @@ fn check_key_package_recreation() {
|
||||||
fn check_public_key_package_recreation() {
|
fn check_public_key_package_recreation() {
|
||||||
let public_key_package = samples::public_key_package();
|
let public_key_package = samples::public_key_package();
|
||||||
|
|
||||||
let signer_pubkeys = public_key_package.signer_pubkeys();
|
let verifying_shares = public_key_package.verifying_shares();
|
||||||
let verifying_key = public_key_package.group_public();
|
let verifying_key = public_key_package.verifying_key();
|
||||||
|
|
||||||
let new_public_key_package = PublicKeyPackage::new(signer_pubkeys.clone(), *verifying_key);
|
let new_public_key_package = PublicKeyPackage::new(verifying_shares.clone(), *verifying_key);
|
||||||
|
|
||||||
assert!(public_key_package == new_public_key_package);
|
assert!(public_key_package == new_public_key_package);
|
||||||
}
|
}
|
||||||
|
|
@ -115,7 +115,7 @@ fn check_round1_package_recreation() {
|
||||||
fn check_round2_package_recreation() {
|
fn check_round2_package_recreation() {
|
||||||
let round2_package = samples::round2_package();
|
let round2_package = samples::round2_package();
|
||||||
|
|
||||||
let signing_share = round2_package.secret_share();
|
let signing_share = round2_package.signing_share();
|
||||||
|
|
||||||
let new_round2_package = round2::Package::new(*signing_share);
|
let new_round2_package = round2::Package::new(*signing_share);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -212,7 +212,7 @@ fn check_secret_share_serialization() {
|
||||||
|
|
||||||
let json = r#"{
|
let json = r#"{
|
||||||
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
||||||
"value": "aaaaaaaa00000000aaaaaaaaaaaaaaaa7def51c91a0fbf034d26872ca84218e1",
|
"signing_share": "aaaaaaaa00000000aaaaaaaaaaaaaaaa7def51c91a0fbf034d26872ca84218e1",
|
||||||
"commitment": [
|
"commitment": [
|
||||||
"036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"
|
"036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"
|
||||||
],
|
],
|
||||||
|
|
@ -227,7 +227,7 @@ fn check_secret_share_serialization() {
|
||||||
// Invalid identifier
|
// Invalid identifier
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "0000000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "0000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"value": "aaaaaaaa00000000aaaaaaaaaaaaaaaa7def51c91a0fbf034d26872ca84218e1",
|
"signing_share": "aaaaaaaa00000000aaaaaaaaaaaaaaaa7def51c91a0fbf034d26872ca84218e1",
|
||||||
"commitment": [
|
"commitment": [
|
||||||
"036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"
|
"036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"
|
||||||
],
|
],
|
||||||
|
|
@ -259,7 +259,7 @@ fn check_secret_share_serialization() {
|
||||||
// Extra field
|
// Extra field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
||||||
"value": "aaaaaaaa00000000aaaaaaaaaaaaaaaa7def51c91a0fbf034d26872ca84218e1",
|
"signing_share": "aaaaaaaa00000000aaaaaaaaaaaaaaaa7def51c91a0fbf034d26872ca84218e1",
|
||||||
"commitment": [
|
"commitment": [
|
||||||
"036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"
|
"036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"
|
||||||
],
|
],
|
||||||
|
|
@ -281,9 +281,9 @@ fn check_key_package_serialization() {
|
||||||
|
|
||||||
let json = r#"{
|
let json = r#"{
|
||||||
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
||||||
"secret_share": "aaaaaaaa00000000aaaaaaaaaaaaaaaa7def51c91a0fbf034d26872ca84218e1",
|
"signing_share": "aaaaaaaa00000000aaaaaaaaaaaaaaaa7def51c91a0fbf034d26872ca84218e1",
|
||||||
"public": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
"verifying_share": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
||||||
"group_public": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
"verifying_key": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
||||||
"min_signers": 2,
|
"min_signers": 2,
|
||||||
"ciphersuite": "FROST(P-256, SHA-256)"
|
"ciphersuite": "FROST(P-256, SHA-256)"
|
||||||
}"#;
|
}"#;
|
||||||
|
|
@ -296,9 +296,9 @@ fn check_key_package_serialization() {
|
||||||
// Invalid identifier
|
// Invalid identifier
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "0000000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "0000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"secret_share": "aaaaaaaa00000000aaaaaaaaaaaaaaaa7def51c91a0fbf034d26872ca84218e1",
|
"signing_share": "aaaaaaaa00000000aaaaaaaaaaaaaaaa7def51c91a0fbf034d26872ca84218e1",
|
||||||
"public": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
"verifying_share": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
||||||
"group_public": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
"verifying_key": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
||||||
"ciphersuite": "FROST(P-256, SHA-256)"
|
"ciphersuite": "FROST(P-256, SHA-256)"
|
||||||
}"#;
|
}"#;
|
||||||
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
||||||
|
|
@ -307,8 +307,8 @@ fn check_key_package_serialization() {
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
||||||
"foo": "aaaaaaaa00000000aaaaaaaaaaaaaaaa7def51c91a0fbf034d26872ca84218e1",
|
"foo": "aaaaaaaa00000000aaaaaaaaaaaaaaaa7def51c91a0fbf034d26872ca84218e1",
|
||||||
"public": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
"verifying_share": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
||||||
"group_public": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
"verifying_key": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
||||||
"ciphersuite": "FROST(P-256, SHA-256)"
|
"ciphersuite": "FROST(P-256, SHA-256)"
|
||||||
}"#;
|
}"#;
|
||||||
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
||||||
|
|
@ -316,8 +316,8 @@ fn check_key_package_serialization() {
|
||||||
// Missing field
|
// Missing field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
||||||
"public": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
"verifying_share": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
||||||
"group_public": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
"verifying_key": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
||||||
"ciphersuite": "FROST(P-256, SHA-256)"
|
"ciphersuite": "FROST(P-256, SHA-256)"
|
||||||
}"#;
|
}"#;
|
||||||
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
||||||
|
|
@ -325,9 +325,9 @@ fn check_key_package_serialization() {
|
||||||
// Extra field
|
// Extra field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
||||||
"secret_share": "aaaaaaaa00000000aaaaaaaaaaaaaaaa7def51c91a0fbf034d26872ca84218e1",
|
"signing_share": "aaaaaaaa00000000aaaaaaaaaaaaaaaa7def51c91a0fbf034d26872ca84218e1",
|
||||||
"public": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
"verifying_share": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
||||||
"group_public": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
"verifying_key": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
||||||
"extra_field": 1,
|
"extra_field": 1,
|
||||||
"ciphersuite": "FROST(P-256, SHA-256)"
|
"ciphersuite": "FROST(P-256, SHA-256)"
|
||||||
}"#;
|
}"#;
|
||||||
|
|
@ -345,10 +345,10 @@ fn check_public_key_package_serialization() {
|
||||||
assert!(public_key_package == decoded_public_key_package);
|
assert!(public_key_package == decoded_public_key_package);
|
||||||
|
|
||||||
let json = r#"{
|
let json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"000000000000000000000000000000000000000000000000000000000000002a": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"
|
"000000000000000000000000000000000000000000000000000000000000002a": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"
|
||||||
},
|
},
|
||||||
"group_public": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
"verifying_key": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
||||||
"ciphersuite": "FROST(P-256, SHA-256)"
|
"ciphersuite": "FROST(P-256, SHA-256)"
|
||||||
}"#;
|
}"#;
|
||||||
let decoded_public_key_package: PublicKeyPackage = serde_json::from_str(json).unwrap();
|
let decoded_public_key_package: PublicKeyPackage = serde_json::from_str(json).unwrap();
|
||||||
|
|
@ -359,17 +359,17 @@ fn check_public_key_package_serialization() {
|
||||||
|
|
||||||
// Invalid identifier
|
// Invalid identifier
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"0000000000000000000000000000000000000000000000000000000000000000": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"
|
"0000000000000000000000000000000000000000000000000000000000000000": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"
|
||||||
},
|
},
|
||||||
"group_public": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
"verifying_key": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
||||||
"ciphersuite": "FROST(P-256, SHA-256)"
|
"ciphersuite": "FROST(P-256, SHA-256)"
|
||||||
}"#;
|
}"#;
|
||||||
assert!(serde_json::from_str::<PublicKeyPackage>(invalid_json).is_err());
|
assert!(serde_json::from_str::<PublicKeyPackage>(invalid_json).is_err());
|
||||||
|
|
||||||
// Invalid field
|
// Invalid field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"000000000000000000000000000000000000000000000000000000000000002a": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"
|
"000000000000000000000000000000000000000000000000000000000000002a": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"
|
||||||
},
|
},
|
||||||
"foo": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
"foo": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
||||||
|
|
@ -379,7 +379,7 @@ fn check_public_key_package_serialization() {
|
||||||
|
|
||||||
// Missing field
|
// Missing field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"000000000000000000000000000000000000000000000000000000000000002a": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"
|
"000000000000000000000000000000000000000000000000000000000000002a": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"
|
||||||
},
|
},
|
||||||
"ciphersuite": "FROST(P-256, SHA-256)"
|
"ciphersuite": "FROST(P-256, SHA-256)"
|
||||||
|
|
@ -388,10 +388,10 @@ fn check_public_key_package_serialization() {
|
||||||
|
|
||||||
// Extra field
|
// Extra field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"000000000000000000000000000000000000000000000000000000000000002a": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"
|
"000000000000000000000000000000000000000000000000000000000000002a": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"
|
||||||
},
|
},
|
||||||
"group_public": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
"verifying_key": "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
|
||||||
"extra": 1,
|
"extra": 1,
|
||||||
"ciphersuite": "FROST(P-256, SHA-256)"
|
"ciphersuite": "FROST(P-256, SHA-256)"
|
||||||
}"#;
|
}"#;
|
||||||
|
|
@ -463,7 +463,7 @@ fn check_round2_package_serialization() {
|
||||||
assert!(round2_package == decoded_round2_package);
|
assert!(round2_package == decoded_round2_package);
|
||||||
|
|
||||||
let json = r#"{
|
let json = r#"{
|
||||||
"secret_share": "aaaaaaaa00000000aaaaaaaaaaaaaaaa7def51c91a0fbf034d26872ca84218e1",
|
"signing_share": "aaaaaaaa00000000aaaaaaaaaaaaaaaa7def51c91a0fbf034d26872ca84218e1",
|
||||||
"ciphersuite": "FROST(P-256, SHA-256)"
|
"ciphersuite": "FROST(P-256, SHA-256)"
|
||||||
}"#;
|
}"#;
|
||||||
let decoded_round2_package: round2::Package = serde_json::from_str(json).unwrap();
|
let decoded_round2_package: round2::Package = serde_json::from_str(json).unwrap();
|
||||||
|
|
@ -487,7 +487,7 @@ fn check_round2_package_serialization() {
|
||||||
|
|
||||||
// Extra field
|
// Extra field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"secret_share": "aaaaaaaa00000000aaaaaaaaaaaaaaaa7def51c91a0fbf034d26872ca84218e1",
|
"signing_share": "aaaaaaaa00000000aaaaaaaaaaaaaaaa7def51c91a0fbf034d26872ca84218e1",
|
||||||
"extra": 1,
|
"extra": 1,
|
||||||
"ciphersuite": "FROST(P-256, SHA-256)"
|
"ciphersuite": "FROST(P-256, SHA-256)"
|
||||||
}"#;
|
}"#;
|
||||||
|
|
|
||||||
|
|
@ -58,12 +58,12 @@ impl<C: Ciphersuite> Randomize<C> for KeyPackage<C> {
|
||||||
Self: Sized,
|
Self: Sized,
|
||||||
C: Ciphersuite,
|
C: Ciphersuite,
|
||||||
{
|
{
|
||||||
let verifying_share = self.public();
|
let verifying_share = self.verifying_share();
|
||||||
let randomized_verifying_share = VerifyingShare::<C>::new(
|
let randomized_verifying_share = VerifyingShare::<C>::new(
|
||||||
verifying_share.to_element() + randomized_params.randomizer_element,
|
verifying_share.to_element() + randomized_params.randomizer_element,
|
||||||
);
|
);
|
||||||
|
|
||||||
let signing_share = self.secret_share();
|
let signing_share = self.signing_share();
|
||||||
let randomized_signing_share =
|
let randomized_signing_share =
|
||||||
SigningShare::new(signing_share.to_scalar() + randomized_params.randomizer.0);
|
SigningShare::new(signing_share.to_scalar() + randomized_params.randomizer.0);
|
||||||
|
|
||||||
|
|
@ -89,7 +89,7 @@ impl<C: Ciphersuite> Randomize<C> for PublicKeyPackage<C> {
|
||||||
Self: Sized,
|
Self: Sized,
|
||||||
C: Ciphersuite,
|
C: Ciphersuite,
|
||||||
{
|
{
|
||||||
let verifying_shares = self.signer_pubkeys().clone();
|
let verifying_shares = self.verifying_shares().clone();
|
||||||
let randomized_verifying_shares = verifying_shares
|
let randomized_verifying_shares = verifying_shares
|
||||||
.iter()
|
.iter()
|
||||||
.map(|(identifier, verifying_share)| {
|
.map(|(identifier, verifying_share)| {
|
||||||
|
|
@ -120,7 +120,7 @@ pub fn sign<C: Ciphersuite>(
|
||||||
randomizer: Randomizer<C>,
|
randomizer: Randomizer<C>,
|
||||||
) -> Result<frost::round2::SignatureShare<C>, Error<C>> {
|
) -> Result<frost::round2::SignatureShare<C>, Error<C>> {
|
||||||
let randomized_params =
|
let randomized_params =
|
||||||
RandomizedParams::from_randomizer(key_package.group_public(), randomizer);
|
RandomizedParams::from_randomizer(key_package.verifying_key(), randomizer);
|
||||||
let randomized_key_package = key_package.randomize(&randomized_params)?;
|
let randomized_key_package = key_package.randomize(&randomized_params)?;
|
||||||
frost::round2::sign(signing_package, signer_nonces, &randomized_key_package)
|
frost::round2::sign(signing_package, signer_nonces, &randomized_key_package)
|
||||||
}
|
}
|
||||||
|
|
@ -238,9 +238,9 @@ where
|
||||||
randomizer: Randomizer<C>,
|
randomizer: Randomizer<C>,
|
||||||
) -> Self {
|
) -> Self {
|
||||||
let randomizer_element = <C::Group as Group>::generator() * randomizer.0;
|
let randomizer_element = <C::Group as Group>::generator() * randomizer.0;
|
||||||
let group_public_element = group_verifying_key.to_element();
|
let verifying_key_element = group_verifying_key.to_element();
|
||||||
let randomized_group_public_element = group_public_element + randomizer_element;
|
let randomized_verifying_key_element = verifying_key_element + randomizer_element;
|
||||||
let randomized_verifying_key = VerifyingKey::<C>::new(randomized_group_public_element);
|
let randomized_verifying_key = VerifyingKey::<C>::new(randomized_verifying_key_element);
|
||||||
|
|
||||||
Self {
|
Self {
|
||||||
randomizer,
|
randomizer,
|
||||||
|
|
|
||||||
|
|
@ -39,7 +39,7 @@ pub fn check_randomized_sign_with_dealer<C: Ciphersuite, R: RngCore + CryptoRng>
|
||||||
BTreeMap::new();
|
BTreeMap::new();
|
||||||
|
|
||||||
check_from_randomizer(&pubkeys, &mut rng);
|
check_from_randomizer(&pubkeys, &mut rng);
|
||||||
let randomizer_params = RandomizedParams::new(pubkeys.group_public(), &mut rng);
|
let randomizer_params = RandomizedParams::new(pubkeys.verifying_key(), &mut rng);
|
||||||
let randomizer = randomizer_params.randomizer();
|
let randomizer = randomizer_params.randomizer();
|
||||||
|
|
||||||
////////////////////////////////////////////////////////////////////////////
|
////////////////////////////////////////////////////////////////////////////
|
||||||
|
|
@ -54,7 +54,7 @@ pub fn check_randomized_sign_with_dealer<C: Ciphersuite, R: RngCore + CryptoRng>
|
||||||
key_packages
|
key_packages
|
||||||
.get(&participant_identifier)
|
.get(&participant_identifier)
|
||||||
.unwrap()
|
.unwrap()
|
||||||
.secret_share(),
|
.signing_share(),
|
||||||
&mut rng,
|
&mut rng,
|
||||||
);
|
);
|
||||||
nonces.insert(participant_identifier, nonce);
|
nonces.insert(participant_identifier, nonce);
|
||||||
|
|
@ -108,7 +108,7 @@ pub fn check_randomized_sign_with_dealer<C: Ciphersuite, R: RngCore + CryptoRng>
|
||||||
.verify(message, &group_signature)
|
.verify(message, &group_signature)
|
||||||
.is_ok());
|
.is_ok());
|
||||||
|
|
||||||
// Note that key_package.group_public can't be used to verify the signature
|
// Note that key_package.verifying_key can't be used to verify the signature
|
||||||
// since those are non-randomized.
|
// since those are non-randomized.
|
||||||
|
|
||||||
(
|
(
|
||||||
|
|
@ -124,7 +124,7 @@ fn check_from_randomizer<C: Ciphersuite, R: RngCore + CryptoRng>(
|
||||||
) {
|
) {
|
||||||
let randomizer = Randomizer::new(rng);
|
let randomizer = Randomizer::new(rng);
|
||||||
|
|
||||||
let randomizer_params = RandomizedParams::from_randomizer(pubkeys.group_public(), randomizer);
|
let randomizer_params = RandomizedParams::from_randomizer(pubkeys.verifying_key(), randomizer);
|
||||||
|
|
||||||
assert!(*randomizer_params.randomizer() == randomizer);
|
assert!(*randomizer_params.randomizer() == randomizer);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -52,7 +52,7 @@ for participant_index in 1..(min_signers as u16 + 1) {
|
||||||
// participant, up to _threshold_.
|
// participant, up to _threshold_.
|
||||||
# // ANCHOR: round1_commit
|
# // ANCHOR: round1_commit
|
||||||
let (nonces, commitments) = frost::round1::commit(
|
let (nonces, commitments) = frost::round1::commit(
|
||||||
key_packages[&participant_identifier].secret_share(),
|
key_packages[&participant_identifier].signing_share(),
|
||||||
&mut rng,
|
&mut rng,
|
||||||
);
|
);
|
||||||
# // ANCHOR_END: round1_commit
|
# // ANCHOR_END: round1_commit
|
||||||
|
|
@ -111,7 +111,7 @@ let group_signature = frost::aggregate(&signing_package, &signature_shares, &pub
|
||||||
// key (the verification key).
|
// key (the verification key).
|
||||||
# // ANCHOR: verify
|
# // ANCHOR: verify
|
||||||
let is_signature_valid = pubkey_package
|
let is_signature_valid = pubkey_package
|
||||||
.group_public()
|
.verifying_key()
|
||||||
.verify(message, &group_signature)
|
.verify(message, &group_signature)
|
||||||
.is_ok();
|
.is_ok();
|
||||||
# // ANCHOR_END: verify
|
# // ANCHOR_END: verify
|
||||||
|
|
|
||||||
|
|
@ -90,9 +90,9 @@ pub fn public_key_package() -> PublicKeyPackage {
|
||||||
let verifying_share = VerifyingShare::deserialize(serialized_element).unwrap();
|
let verifying_share = VerifyingShare::deserialize(serialized_element).unwrap();
|
||||||
let serialized_element = <C as Ciphersuite>::Group::serialize(&element1());
|
let serialized_element = <C as Ciphersuite>::Group::serialize(&element1());
|
||||||
let verifying_key = VerifyingKey::deserialize(serialized_element).unwrap();
|
let verifying_key = VerifyingKey::deserialize(serialized_element).unwrap();
|
||||||
let signer_pubkeys = HashMap::from([(identifier, verifying_share)]);
|
let verifying_shares = HashMap::from([(identifier, verifying_share)]);
|
||||||
|
|
||||||
PublicKeyPackage::new(signer_pubkeys, verifying_key)
|
PublicKeyPackage::new(verifying_shares, verifying_key)
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Generate a sample round1::Package.
|
/// Generate a sample round1::Package.
|
||||||
|
|
|
||||||
|
|
@ -14,7 +14,7 @@
|
||||||
257
|
257
|
||||||
],
|
],
|
||||||
"group_secret_key": "1b25a55e463cfd15cf14a5d3acc3d15053f08da49c8afcf3ab265f2ebc4f970b",
|
"group_secret_key": "1b25a55e463cfd15cf14a5d3acc3d15053f08da49c8afcf3ab265f2ebc4f970b",
|
||||||
"group_public_key": "e2a62f39eede11269e3bd5a7d97554f5ca384f9f6d3dd9c3c0d05083c7254f57",
|
"verifying_key_key": "e2a62f39eede11269e3bd5a7d97554f5ca384f9f6d3dd9c3c0d05083c7254f57",
|
||||||
"message": "74657374",
|
"message": "74657374",
|
||||||
"share_polynomial_coefficients": [
|
"share_polynomial_coefficients": [
|
||||||
"410f8b744b19325891d73736923525a4f596c805d060dfb9c98009d34e3fec02"
|
"410f8b744b19325891d73736923525a4f596c805d060dfb9c98009d34e3fec02"
|
||||||
|
|
|
||||||
|
|
@ -13,7 +13,7 @@
|
||||||
3
|
3
|
||||||
],
|
],
|
||||||
"group_secret_key": "1b25a55e463cfd15cf14a5d3acc3d15053f08da49c8afcf3ab265f2ebc4f970b",
|
"group_secret_key": "1b25a55e463cfd15cf14a5d3acc3d15053f08da49c8afcf3ab265f2ebc4f970b",
|
||||||
"group_public_key": "e2a62f39eede11269e3bd5a7d97554f5ca384f9f6d3dd9c3c0d05083c7254f57",
|
"verifying_key_key": "e2a62f39eede11269e3bd5a7d97554f5ca384f9f6d3dd9c3c0d05083c7254f57",
|
||||||
"message": "74657374",
|
"message": "74657374",
|
||||||
"share_polynomial_coefficients": [
|
"share_polynomial_coefficients": [
|
||||||
"410f8b744b19325891d73736923525a4f596c805d060dfb9c98009d34e3fec02"
|
"410f8b744b19325891d73736923525a4f596c805d060dfb9c98009d34e3fec02"
|
||||||
|
|
|
||||||
|
|
@ -54,7 +54,7 @@ fn check_secret_share_recreation() {
|
||||||
let secret_share = samples::secret_share();
|
let secret_share = samples::secret_share();
|
||||||
|
|
||||||
let identifier = secret_share.identifier();
|
let identifier = secret_share.identifier();
|
||||||
let value = secret_share.value();
|
let value = secret_share.signing_share();
|
||||||
let commitment = secret_share.commitment();
|
let commitment = secret_share.commitment();
|
||||||
|
|
||||||
let new_secret_share = SecretShare::new(*identifier, *value, commitment.clone());
|
let new_secret_share = SecretShare::new(*identifier, *value, commitment.clone());
|
||||||
|
|
@ -68,9 +68,9 @@ fn check_key_package_recreation() {
|
||||||
let key_package = samples::key_package();
|
let key_package = samples::key_package();
|
||||||
|
|
||||||
let identifier = key_package.identifier();
|
let identifier = key_package.identifier();
|
||||||
let signing_share = key_package.secret_share();
|
let signing_share = key_package.signing_share();
|
||||||
let verifying_share = key_package.public();
|
let verifying_share = key_package.verifying_share();
|
||||||
let verifying_key = key_package.group_public();
|
let verifying_key = key_package.verifying_key();
|
||||||
let min_signers = key_package.min_signers();
|
let min_signers = key_package.min_signers();
|
||||||
|
|
||||||
let new_key_package = KeyPackage::new(
|
let new_key_package = KeyPackage::new(
|
||||||
|
|
@ -89,10 +89,10 @@ fn check_key_package_recreation() {
|
||||||
fn check_public_key_package_recreation() {
|
fn check_public_key_package_recreation() {
|
||||||
let public_key_package = samples::public_key_package();
|
let public_key_package = samples::public_key_package();
|
||||||
|
|
||||||
let signer_pubkeys = public_key_package.signer_pubkeys();
|
let verifying_shares = public_key_package.verifying_shares();
|
||||||
let verifying_key = public_key_package.group_public();
|
let verifying_key = public_key_package.verifying_key();
|
||||||
|
|
||||||
let new_public_key_package = PublicKeyPackage::new(signer_pubkeys.clone(), *verifying_key);
|
let new_public_key_package = PublicKeyPackage::new(verifying_shares.clone(), *verifying_key);
|
||||||
|
|
||||||
assert!(public_key_package == new_public_key_package);
|
assert!(public_key_package == new_public_key_package);
|
||||||
}
|
}
|
||||||
|
|
@ -115,7 +115,7 @@ fn check_round1_package_recreation() {
|
||||||
fn check_round2_package_recreation() {
|
fn check_round2_package_recreation() {
|
||||||
let round2_package = samples::round2_package();
|
let round2_package = samples::round2_package();
|
||||||
|
|
||||||
let signing_share = round2_package.secret_share();
|
let signing_share = round2_package.signing_share();
|
||||||
|
|
||||||
let new_round2_package = round2::Package::new(*signing_share);
|
let new_round2_package = round2::Package::new(*signing_share);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -212,7 +212,7 @@ fn check_secret_share_serialization() {
|
||||||
|
|
||||||
let json = r#"{
|
let json = r#"{
|
||||||
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
||||||
"value": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
"signing_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
||||||
"commitment": [
|
"commitment": [
|
||||||
"e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76"
|
"e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76"
|
||||||
],
|
],
|
||||||
|
|
@ -227,7 +227,7 @@ fn check_secret_share_serialization() {
|
||||||
// Invalid identifier
|
// Invalid identifier
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "0000000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "0000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"value": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
"signing_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
||||||
"commitment": [
|
"commitment": [
|
||||||
"e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76"
|
"e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76"
|
||||||
],
|
],
|
||||||
|
|
@ -259,7 +259,7 @@ fn check_secret_share_serialization() {
|
||||||
// Extra field
|
// Extra field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
||||||
"value": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
"signing_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
||||||
"commitment": [
|
"commitment": [
|
||||||
"e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76"
|
"e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76"
|
||||||
],
|
],
|
||||||
|
|
@ -281,9 +281,9 @@ fn check_key_package_serialization() {
|
||||||
|
|
||||||
let json = r#"{
|
let json = r#"{
|
||||||
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
||||||
"secret_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
"signing_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
||||||
"public": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
"verifying_share": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
||||||
"group_public": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
"verifying_key": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
||||||
"min_signers": 2,
|
"min_signers": 2,
|
||||||
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
||||||
}"#;
|
}"#;
|
||||||
|
|
@ -296,9 +296,9 @@ fn check_key_package_serialization() {
|
||||||
// Invalid identifier
|
// Invalid identifier
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "0000000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "0000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"secret_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
"signing_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
||||||
"public": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
"verifying_share": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
||||||
"group_public": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
"verifying_key": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
||||||
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
||||||
}"#;
|
}"#;
|
||||||
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
||||||
|
|
@ -307,8 +307,8 @@ fn check_key_package_serialization() {
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
||||||
"foo": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
"foo": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
||||||
"public": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
"verifying_share": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
||||||
"group_public": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
"verifying_key": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
||||||
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
||||||
}"#;
|
}"#;
|
||||||
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
||||||
|
|
@ -316,8 +316,8 @@ fn check_key_package_serialization() {
|
||||||
// Missing field
|
// Missing field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
||||||
"public": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
"verifying_share": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
||||||
"group_public": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
"verifying_key": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
||||||
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
||||||
}"#;
|
}"#;
|
||||||
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
||||||
|
|
@ -325,9 +325,9 @@ fn check_key_package_serialization() {
|
||||||
// Extra field
|
// Extra field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "2a00000000000000000000000000000000000000000000000000000000000000",
|
||||||
"secret_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
"signing_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
||||||
"public": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
"verifying_share": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
||||||
"group_public": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
"verifying_key": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
||||||
"extra_field": 1,
|
"extra_field": 1,
|
||||||
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
||||||
}"#;
|
}"#;
|
||||||
|
|
@ -345,10 +345,10 @@ fn check_public_key_package_serialization() {
|
||||||
assert!(public_key_package == decoded_public_key_package);
|
assert!(public_key_package == decoded_public_key_package);
|
||||||
|
|
||||||
let json = r#"{
|
let json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"2a00000000000000000000000000000000000000000000000000000000000000": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76"
|
"2a00000000000000000000000000000000000000000000000000000000000000": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76"
|
||||||
},
|
},
|
||||||
"group_public": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
"verifying_key": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
||||||
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
||||||
}"#;
|
}"#;
|
||||||
let decoded_public_key_package: PublicKeyPackage = serde_json::from_str(json).unwrap();
|
let decoded_public_key_package: PublicKeyPackage = serde_json::from_str(json).unwrap();
|
||||||
|
|
@ -359,17 +359,17 @@ fn check_public_key_package_serialization() {
|
||||||
|
|
||||||
// Invalid identifier
|
// Invalid identifier
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"0000000000000000000000000000000000000000000000000000000000000000": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76"
|
"0000000000000000000000000000000000000000000000000000000000000000": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76"
|
||||||
},
|
},
|
||||||
"group_public": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
"verifying_key": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
||||||
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
||||||
}"#;
|
}"#;
|
||||||
assert!(serde_json::from_str::<PublicKeyPackage>(invalid_json).is_err());
|
assert!(serde_json::from_str::<PublicKeyPackage>(invalid_json).is_err());
|
||||||
|
|
||||||
// Invalid field
|
// Invalid field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"2a00000000000000000000000000000000000000000000000000000000000000": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76"
|
"2a00000000000000000000000000000000000000000000000000000000000000": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76"
|
||||||
},
|
},
|
||||||
"foo": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
"foo": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
||||||
|
|
@ -379,7 +379,7 @@ fn check_public_key_package_serialization() {
|
||||||
|
|
||||||
// Missing field
|
// Missing field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"2a00000000000000000000000000000000000000000000000000000000000000": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76"
|
"2a00000000000000000000000000000000000000000000000000000000000000": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76"
|
||||||
},
|
},
|
||||||
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
||||||
|
|
@ -388,10 +388,10 @@ fn check_public_key_package_serialization() {
|
||||||
|
|
||||||
// Extra field
|
// Extra field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"2a00000000000000000000000000000000000000000000000000000000000000": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76"
|
"2a00000000000000000000000000000000000000000000000000000000000000": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76"
|
||||||
},
|
},
|
||||||
"group_public": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
"verifying_key": "e2f2ae0a6abc4e71a884a961c500515f58e30b6aa582dd8db6a65945e08d2d76",
|
||||||
"extra": 1,
|
"extra": 1,
|
||||||
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
||||||
}"#;
|
}"#;
|
||||||
|
|
@ -463,7 +463,7 @@ fn check_round2_package_serialization() {
|
||||||
assert!(round2_package == decoded_round2_package);
|
assert!(round2_package == decoded_round2_package);
|
||||||
|
|
||||||
let json = r#"{
|
let json = r#"{
|
||||||
"secret_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
"signing_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
||||||
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
||||||
}"#;
|
}"#;
|
||||||
let decoded_round2_package: round2::Package = serde_json::from_str(json).unwrap();
|
let decoded_round2_package: round2::Package = serde_json::from_str(json).unwrap();
|
||||||
|
|
@ -487,7 +487,7 @@ fn check_round2_package_serialization() {
|
||||||
|
|
||||||
// Extra field
|
// Extra field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"secret_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
"signing_share": "498d4e9311420c903913a56c94a694b8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa0a",
|
||||||
"extra": 1,
|
"extra": 1,
|
||||||
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
"ciphersuite": "FROST(ristretto255, SHA-512)"
|
||||||
}"#;
|
}"#;
|
||||||
|
|
|
||||||
|
|
@ -52,7 +52,7 @@ for participant_index in 1..(min_signers as u16 + 1) {
|
||||||
// participant, up to _threshold_.
|
// participant, up to _threshold_.
|
||||||
# // ANCHOR: round1_commit
|
# // ANCHOR: round1_commit
|
||||||
let (nonces, commitments) = frost::round1::commit(
|
let (nonces, commitments) = frost::round1::commit(
|
||||||
key_packages[&participant_identifier].secret_share(),
|
key_packages[&participant_identifier].signing_share(),
|
||||||
&mut rng,
|
&mut rng,
|
||||||
);
|
);
|
||||||
# // ANCHOR_END: round1_commit
|
# // ANCHOR_END: round1_commit
|
||||||
|
|
@ -111,7 +111,7 @@ let group_signature = frost::aggregate(&signing_package, &signature_shares, &pub
|
||||||
// key (the verification key).
|
// key (the verification key).
|
||||||
# // ANCHOR: verify
|
# // ANCHOR: verify
|
||||||
let is_signature_valid = pubkey_package
|
let is_signature_valid = pubkey_package
|
||||||
.group_public()
|
.verifying_key()
|
||||||
.verify(message, &group_signature)
|
.verify(message, &group_signature)
|
||||||
.is_ok();
|
.is_ok();
|
||||||
# // ANCHOR_END: verify
|
# // ANCHOR_END: verify
|
||||||
|
|
|
||||||
|
|
@ -90,9 +90,9 @@ pub fn public_key_package() -> PublicKeyPackage {
|
||||||
let verifying_share = VerifyingShare::deserialize(serialized_element).unwrap();
|
let verifying_share = VerifyingShare::deserialize(serialized_element).unwrap();
|
||||||
let serialized_element = <C as Ciphersuite>::Group::serialize(&element1());
|
let serialized_element = <C as Ciphersuite>::Group::serialize(&element1());
|
||||||
let verifying_key = VerifyingKey::deserialize(serialized_element).unwrap();
|
let verifying_key = VerifyingKey::deserialize(serialized_element).unwrap();
|
||||||
let signer_pubkeys = HashMap::from([(identifier, verifying_share)]);
|
let verifying_shares = HashMap::from([(identifier, verifying_share)]);
|
||||||
|
|
||||||
PublicKeyPackage::new(signer_pubkeys, verifying_key)
|
PublicKeyPackage::new(verifying_shares, verifying_key)
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Generate a sample round1::Package.
|
/// Generate a sample round1::Package.
|
||||||
|
|
|
||||||
|
|
@ -14,7 +14,7 @@
|
||||||
257
|
257
|
||||||
],
|
],
|
||||||
"group_secret_key": "0d004150d27c3bf2a42f312683d35fac7394b1e9e318249c1bfe7f0795a83114",
|
"group_secret_key": "0d004150d27c3bf2a42f312683d35fac7394b1e9e318249c1bfe7f0795a83114",
|
||||||
"group_public_key": "02f37c34b66ced1fb51c34a90bdae006901f10625cc06c4f64663b0eae87d87b4f",
|
"verifying_key_key": "02f37c34b66ced1fb51c34a90bdae006901f10625cc06c4f64663b0eae87d87b4f",
|
||||||
"message": "74657374",
|
"message": "74657374",
|
||||||
"share_polynomial_coefficients": [
|
"share_polynomial_coefficients": [
|
||||||
"fbf85eadae3058ea14f19148bb72b45e4399c0b16028acaf0395c9b03c823579"
|
"fbf85eadae3058ea14f19148bb72b45e4399c0b16028acaf0395c9b03c823579"
|
||||||
|
|
|
||||||
|
|
@ -13,7 +13,7 @@
|
||||||
3
|
3
|
||||||
],
|
],
|
||||||
"group_secret_key": "0d004150d27c3bf2a42f312683d35fac7394b1e9e318249c1bfe7f0795a83114",
|
"group_secret_key": "0d004150d27c3bf2a42f312683d35fac7394b1e9e318249c1bfe7f0795a83114",
|
||||||
"group_public_key": "02f37c34b66ced1fb51c34a90bdae006901f10625cc06c4f64663b0eae87d87b4f",
|
"verifying_key_key": "02f37c34b66ced1fb51c34a90bdae006901f10625cc06c4f64663b0eae87d87b4f",
|
||||||
"message": "74657374",
|
"message": "74657374",
|
||||||
"share_polynomial_coefficients": [
|
"share_polynomial_coefficients": [
|
||||||
"fbf85eadae3058ea14f19148bb72b45e4399c0b16028acaf0395c9b03c823579"
|
"fbf85eadae3058ea14f19148bb72b45e4399c0b16028acaf0395c9b03c823579"
|
||||||
|
|
|
||||||
|
|
@ -54,7 +54,7 @@ fn check_secret_share_recreation() {
|
||||||
let secret_share = samples::secret_share();
|
let secret_share = samples::secret_share();
|
||||||
|
|
||||||
let identifier = secret_share.identifier();
|
let identifier = secret_share.identifier();
|
||||||
let value = secret_share.value();
|
let value = secret_share.signing_share();
|
||||||
let commitment = secret_share.commitment();
|
let commitment = secret_share.commitment();
|
||||||
|
|
||||||
let new_secret_share = SecretShare::new(*identifier, *value, commitment.clone());
|
let new_secret_share = SecretShare::new(*identifier, *value, commitment.clone());
|
||||||
|
|
@ -68,9 +68,9 @@ fn check_key_package_recreation() {
|
||||||
let key_package = samples::key_package();
|
let key_package = samples::key_package();
|
||||||
|
|
||||||
let identifier = key_package.identifier();
|
let identifier = key_package.identifier();
|
||||||
let signing_share = key_package.secret_share();
|
let signing_share = key_package.signing_share();
|
||||||
let verifying_share = key_package.public();
|
let verifying_share = key_package.verifying_share();
|
||||||
let verifying_key = key_package.group_public();
|
let verifying_key = key_package.verifying_key();
|
||||||
let min_signers = key_package.min_signers();
|
let min_signers = key_package.min_signers();
|
||||||
|
|
||||||
let new_key_package = KeyPackage::new(
|
let new_key_package = KeyPackage::new(
|
||||||
|
|
@ -89,10 +89,10 @@ fn check_key_package_recreation() {
|
||||||
fn check_public_key_package_recreation() {
|
fn check_public_key_package_recreation() {
|
||||||
let public_key_package = samples::public_key_package();
|
let public_key_package = samples::public_key_package();
|
||||||
|
|
||||||
let signer_pubkeys = public_key_package.signer_pubkeys();
|
let verifying_shares = public_key_package.verifying_shares();
|
||||||
let verifying_key = public_key_package.group_public();
|
let verifying_key = public_key_package.verifying_key();
|
||||||
|
|
||||||
let new_public_key_package = PublicKeyPackage::new(signer_pubkeys.clone(), *verifying_key);
|
let new_public_key_package = PublicKeyPackage::new(verifying_shares.clone(), *verifying_key);
|
||||||
|
|
||||||
assert!(public_key_package == new_public_key_package);
|
assert!(public_key_package == new_public_key_package);
|
||||||
}
|
}
|
||||||
|
|
@ -115,7 +115,7 @@ fn check_round1_package_recreation() {
|
||||||
fn check_round2_package_recreation() {
|
fn check_round2_package_recreation() {
|
||||||
let round2_package = samples::round2_package();
|
let round2_package = samples::round2_package();
|
||||||
|
|
||||||
let signing_share = round2_package.secret_share();
|
let signing_share = round2_package.signing_share();
|
||||||
|
|
||||||
let new_round2_package = round2::Package::new(*signing_share);
|
let new_round2_package = round2::Package::new(*signing_share);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -212,7 +212,7 @@ fn check_secret_share_serialization() {
|
||||||
|
|
||||||
let json = r#"{
|
let json = r#"{
|
||||||
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
||||||
"value": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa9d1c9e899ca306ad27fe1945de0242b81",
|
"signing_share": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa9d1c9e899ca306ad27fe1945de0242b81",
|
||||||
"commitment": [
|
"commitment": [
|
||||||
"0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"
|
"0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"
|
||||||
],
|
],
|
||||||
|
|
@ -227,7 +227,7 @@ fn check_secret_share_serialization() {
|
||||||
// Invalid identifier
|
// Invalid identifier
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "0000000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "0000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"value": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa9d1c9e899ca306ad27fe1945de0242b81",
|
"signing_share": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa9d1c9e899ca306ad27fe1945de0242b81",
|
||||||
"commitment": [
|
"commitment": [
|
||||||
"0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"
|
"0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"
|
||||||
],
|
],
|
||||||
|
|
@ -259,7 +259,7 @@ fn check_secret_share_serialization() {
|
||||||
// Extra field
|
// Extra field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
||||||
"value": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa9d1c9e899ca306ad27fe1945de0242b81",
|
"signing_share": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa9d1c9e899ca306ad27fe1945de0242b81",
|
||||||
"commitment": [
|
"commitment": [
|
||||||
"0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"
|
"0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"
|
||||||
],
|
],
|
||||||
|
|
@ -281,9 +281,9 @@ fn check_key_package_serialization() {
|
||||||
|
|
||||||
let json = r#"{
|
let json = r#"{
|
||||||
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
||||||
"secret_share": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa9d1c9e899ca306ad27fe1945de0242b81",
|
"signing_share": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa9d1c9e899ca306ad27fe1945de0242b81",
|
||||||
"public": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
"verifying_share": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
||||||
"group_public": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
"verifying_key": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
||||||
"min_signers": 2,
|
"min_signers": 2,
|
||||||
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
||||||
}"#;
|
}"#;
|
||||||
|
|
@ -296,9 +296,9 @@ fn check_key_package_serialization() {
|
||||||
// Invalid identifier
|
// Invalid identifier
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "0000000000000000000000000000000000000000000000000000000000000000",
|
"identifier": "0000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"secret_share": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa9d1c9e899ca306ad27fe1945de0242b81",
|
"signing_share": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa9d1c9e899ca306ad27fe1945de0242b81",
|
||||||
"public": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
"verifying_share": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
||||||
"group_public": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
"verifying_key": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
||||||
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
||||||
}"#;
|
}"#;
|
||||||
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
||||||
|
|
@ -307,8 +307,8 @@ fn check_key_package_serialization() {
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
||||||
"foo": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa9d1c9e899ca306ad27fe1945de0242b81",
|
"foo": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa9d1c9e899ca306ad27fe1945de0242b81",
|
||||||
"public": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
"verifying_share": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
||||||
"group_public": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
"verifying_key": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
||||||
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
||||||
}"#;
|
}"#;
|
||||||
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
||||||
|
|
@ -316,8 +316,8 @@ fn check_key_package_serialization() {
|
||||||
// Missing field
|
// Missing field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
||||||
"public": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
"verifying_share": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
||||||
"group_public": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
"verifying_key": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
||||||
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
||||||
}"#;
|
}"#;
|
||||||
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
assert!(serde_json::from_str::<KeyPackage>(invalid_json).is_err());
|
||||||
|
|
@ -325,9 +325,9 @@ fn check_key_package_serialization() {
|
||||||
// Extra field
|
// Extra field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
"identifier": "000000000000000000000000000000000000000000000000000000000000002a",
|
||||||
"secret_share": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa9d1c9e899ca306ad27fe1945de0242b81",
|
"signing_share": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa9d1c9e899ca306ad27fe1945de0242b81",
|
||||||
"public": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
"verifying_share": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
||||||
"group_public": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
"verifying_key": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
||||||
"extra_field": 1,
|
"extra_field": 1,
|
||||||
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
||||||
}"#;
|
}"#;
|
||||||
|
|
@ -345,10 +345,10 @@ fn check_public_key_package_serialization() {
|
||||||
assert!(public_key_package == decoded_public_key_package);
|
assert!(public_key_package == decoded_public_key_package);
|
||||||
|
|
||||||
let json = r#"{
|
let json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"000000000000000000000000000000000000000000000000000000000000002a": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"
|
"000000000000000000000000000000000000000000000000000000000000002a": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"
|
||||||
},
|
},
|
||||||
"group_public": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
"verifying_key": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
||||||
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
||||||
}"#;
|
}"#;
|
||||||
let decoded_public_key_package: PublicKeyPackage = serde_json::from_str(json).unwrap();
|
let decoded_public_key_package: PublicKeyPackage = serde_json::from_str(json).unwrap();
|
||||||
|
|
@ -359,17 +359,17 @@ fn check_public_key_package_serialization() {
|
||||||
|
|
||||||
// Invalid identifier
|
// Invalid identifier
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"0000000000000000000000000000000000000000000000000000000000000000": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"
|
"0000000000000000000000000000000000000000000000000000000000000000": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"
|
||||||
},
|
},
|
||||||
"group_public": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
"verifying_key": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
||||||
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
||||||
}"#;
|
}"#;
|
||||||
assert!(serde_json::from_str::<PublicKeyPackage>(invalid_json).is_err());
|
assert!(serde_json::from_str::<PublicKeyPackage>(invalid_json).is_err());
|
||||||
|
|
||||||
// Invalid field
|
// Invalid field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"000000000000000000000000000000000000000000000000000000000000002a": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"
|
"000000000000000000000000000000000000000000000000000000000000002a": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"
|
||||||
},
|
},
|
||||||
"foo": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
"foo": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
||||||
|
|
@ -379,7 +379,7 @@ fn check_public_key_package_serialization() {
|
||||||
|
|
||||||
// Missing field
|
// Missing field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"000000000000000000000000000000000000000000000000000000000000002a": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"
|
"000000000000000000000000000000000000000000000000000000000000002a": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"
|
||||||
},
|
},
|
||||||
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
||||||
|
|
@ -388,10 +388,10 @@ fn check_public_key_package_serialization() {
|
||||||
|
|
||||||
// Extra field
|
// Extra field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"signer_pubkeys": {
|
"verifying_shares": {
|
||||||
"000000000000000000000000000000000000000000000000000000000000002a": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"
|
"000000000000000000000000000000000000000000000000000000000000002a": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"
|
||||||
},
|
},
|
||||||
"group_public": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
"verifying_key": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798",
|
||||||
"extra": 1,
|
"extra": 1,
|
||||||
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
||||||
}"#;
|
}"#;
|
||||||
|
|
@ -463,7 +463,7 @@ fn check_round2_package_serialization() {
|
||||||
assert!(round2_package == decoded_round2_package);
|
assert!(round2_package == decoded_round2_package);
|
||||||
|
|
||||||
let json = r#"{
|
let json = r#"{
|
||||||
"secret_share": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa9d1c9e899ca306ad27fe1945de0242b81",
|
"signing_share": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa9d1c9e899ca306ad27fe1945de0242b81",
|
||||||
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
||||||
}"#;
|
}"#;
|
||||||
let decoded_round2_package: round2::Package = serde_json::from_str(json).unwrap();
|
let decoded_round2_package: round2::Package = serde_json::from_str(json).unwrap();
|
||||||
|
|
@ -487,7 +487,7 @@ fn check_round2_package_serialization() {
|
||||||
|
|
||||||
// Extra field
|
// Extra field
|
||||||
let invalid_json = r#"{
|
let invalid_json = r#"{
|
||||||
"secret_share": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa9d1c9e899ca306ad27fe1945de0242b81",
|
"signing_share": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa9d1c9e899ca306ad27fe1945de0242b81",
|
||||||
"extra": 1,
|
"extra": 1,
|
||||||
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
"ciphersuite": "FROST(secp256k1, SHA-256)"
|
||||||
}"#;
|
}"#;
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue