63 lines
2.4 KiB
Rust
63 lines
2.4 KiB
Rust
use rand::thread_rng;
|
|
use std::collections::HashMap;
|
|
|
|
use redjubjub::frost;
|
|
|
|
#[test]
|
|
fn check_sign_with_dealer() {
|
|
let mut rng = thread_rng();
|
|
let numsigners = 5;
|
|
let threshold = 3;
|
|
let (shares, pubkeys) = frost::keygen_with_dealer(numsigners, threshold, &mut rng).unwrap();
|
|
|
|
let mut nonces: HashMap<u8, Vec<frost::SigningNonces>> =
|
|
HashMap::with_capacity(threshold as usize);
|
|
let mut commitments: Vec<frost::SigningCommitments> = Vec::with_capacity(threshold as usize);
|
|
|
|
// Round 1, generating nonces and signing commitments for each participant.
|
|
for participant_index in 1..(threshold + 1) {
|
|
// Generate one (1) nonce and one SigningCommitments instance for each
|
|
// participant, up to _threshold_.
|
|
let (nonce, commitment) = frost::preprocess(1, participant_index, &mut rng);
|
|
nonces.insert(participant_index, nonce);
|
|
commitments.push(commitment[0]);
|
|
}
|
|
|
|
// This is what the signature aggregator / coordinator needs to do:
|
|
// - decide what message to sign
|
|
// - take one (unused) commitment per signing participant
|
|
let mut signature_shares: Vec<frost::SignatureShare> = Vec::with_capacity(threshold as usize);
|
|
let message = "message to sign".as_bytes();
|
|
let signing_package = frost::SigningPackage {
|
|
message,
|
|
signing_commitments: commitments,
|
|
};
|
|
|
|
// Round 2: each participant generates their signature share
|
|
for (participant_index, nonce) in nonces {
|
|
let share_package = shares
|
|
.iter()
|
|
.find(|share| participant_index == share.index)
|
|
.unwrap();
|
|
let nonce_to_use = nonce[0];
|
|
// Each participant generates their signature share.
|
|
let signature_share = frost::sign(&signing_package, nonce_to_use, share_package).unwrap();
|
|
signature_shares.push(signature_share);
|
|
}
|
|
|
|
// The aggregator collects the signing shares from all participants and
|
|
// generates the final signature.
|
|
let group_signature_res = frost::aggregate(&signing_package, &signature_shares[..], &pubkeys);
|
|
assert!(group_signature_res.is_ok());
|
|
let group_signature = group_signature_res.unwrap();
|
|
|
|
// Check that the threshold signature can be verified by the group public
|
|
// key (aka verification key).
|
|
assert!(pubkeys
|
|
.group_public
|
|
.verify(&message, &group_signature)
|
|
.is_ok());
|
|
|
|
// TODO: also check that the SharePackage.group_public also verifies the group signature.
|
|
}
|