Documentation
Index
- func StartKeygenCommon(taproot bool, group curve.Curve, participants []party.ID, threshold int, ...) protocol.StartFunc
- type Config
- func (r *Config) Curve() curve.Curve
- func (r *Config) Derive(adjust curve.Scalar, newChainKey []byte) (*Config, error)
- func (r *Config) DeriveChild(i uint32) (*Config, error)
- func (c *Config) MarshalBinary() ([]byte, error)
- func (r *Config) PublicPoint() curve.Point
- func (c *Config) UnmarshalBinary(data []byte) error
- type TaprootConfig
- func (r *TaprootConfig) Clone() *TaprootConfig
- func (r *TaprootConfig) Derive(adjust *curve.Secp256k1Scalar, newChainKey []byte) (*TaprootConfig, error)
- func (r *TaprootConfig) DeriveChild(i uint32) (*TaprootConfig, error)
- func (c *TaprootConfig) MarshalBinary() ([]byte, error)
- func (c *TaprootConfig) UnmarshalBinary(data []byte) error
Functions
Types
type Config
type Config struct {
	// ID is the identifier for this participant.
	ID party.ID
	// Threshold is the number of accepted corruptions while still being able to sign.
	Threshold int
	PrivateShare curve.Scalar
	// PublicKey is the shared public key for this consortium of signers.
	//
	// This key can be used to verify signatures produced by the consortium.
	PublicKey curve.Point
	// ChainKey is the additional randomness we've agreed upon.
	//
	// This is only ever useful if you do BIP-32 key derivation, or something similar.
	ChainKey []byte
	//
	// This will later be used to verify the integrity of the signing protocol.
	VerificationShares *party.PointMap
}
Config contains all the information produced after key generation, from the perspective of a single participant.
When unmarshalling, EmptyConfig needs to be called to set the group before calling cbor.Unmarshal or equivalent methods.
func EmptyConfig
EmptyConfig creates an empty Config with a specific group.
This needs to be called before unmarshalling, instead of just using new(Config). This is to allow points and scalars to be correctly unmarshalled.
func (*Config) Derive (added in v0.3.0)
Derive performs an arbitrary derivation of a related key, by adding a scalar.
This can support methods like BIP32, but is more general.
Optionally, a new chain key can be passed as well.
func (*Config) DeriveChild (added in v0.3.0)
DeriveChild adjusts the shares to represent the derived public key at a certain index.
This will panic if the group is not curve.Secp256k1.
This derivation works according to BIP-32, see: https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki
func (*Config) MarshalBinary
func (*Config) PublicPoint
func (*Config) UnmarshalBinary
type TaprootConfig
type TaprootConfig struct {
	// ID is the identifier for this participant.
	ID party.ID
	// Threshold is the number of accepted corruptions while still being able to sign.
	Threshold int
	PrivateShare curve.Scalar
	// PublicKey is the shared public key for this consortium of signers.
	//
	// This key can be used to verify signatures produced by the consortium.
	PublicKey taproot.PublicKey
	// ChainKey is the additional randomness we've agreed upon.
	//
	// This is only ever useful if you do BIP-32 key derivation, or something similar.
	ChainKey []byte
	//
	// This will later be used to verify the integrity of the signing protocol.
	VerificationShares map[party.ID]curve.Point
}
TaprootConfig is like Config, but for Taproot / BIP-340 keys.
The main difference is that our public key is an actual taproot public key.
func (*TaprootConfig) Clone
func (r *TaprootConfig) Clone() *TaprootConfig
Clone creates a deep clone of this struct and of all the values contained inside.
func (*TaprootConfig) Derive (added in v0.3.0)
func (r *TaprootConfig) Derive(adjust *curve.Secp256k1Scalar, newChainKey []byte) (*TaprootConfig, error)
Derive performs an arbitrary derivation of a related key, by adding a scalar.
This can support methods like BIP32, but is more general.
Optionally, a new chain key can be passed as well.
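The share adjustment that Derive describes, for both Config and TaprootConfig, shown as an added example that is not this package's code: every party adds the same public scalar to its own share, and any Threshold+1 adjusted shares then reconstruct the key P + adjust*G. Assumptions: P-256 from the Go standard library stands in for secp256k1, and `share`, `combine`, `derivedKeyMatches` and `sample` are hypothetical names with constructed values.

```go
package main

import (
	"crypto/elliptic"
	"fmt"
	"math/big"
)

var grp, q = elliptic.P256(), elliptic.P256().Params().N // assumption: P-256 stands in for secp256k1
var sample = []*big.Int{big.NewInt(1234567), big.NewInt(42), big.NewInt(99)} // constructed polynomial, threshold 2

// share evaluates the sharing polynomial (coeffs[0] is the secret) at x = id, by Horner's rule.
func share(coeffs []*big.Int, id int64) *big.Int {
	y := new(big.Int)
	for i := len(coeffs) - 1; i >= 0; i-- {
		y.Mul(y, big.NewInt(id)).Add(y, coeffs[i]).Mod(y, q)
	}
	return y
}

// combine Lagrange-interpolates the shares at x = 0; with threshold+1 shares this is the secret.
func combine(shares map[int64]*big.Int) *big.Int {
	s := new(big.Int)
	for i, yi := range shares {
		num, den := big.NewInt(1), big.NewInt(1)
		for j := range shares {
			if j != i {
				num.Mul(num, big.NewInt(j)).Mod(num, q)
				den.Mul(den, big.NewInt(j-i)).Mod(den, q)
			}
		}
		s.Add(s, num.Mul(num, den.ModInverse(den, q)).Mul(num, yi)).Mod(s, q) // s += l_i(0) * y_i
	}
	return s
}

// derivedKeyMatches: each party adds the public scalar to its own share; true if the result is P + adjust*G.
func derivedKeyMatches(coeffs []*big.Int, adjust *big.Int, ids ...int64) bool {
	derived := map[int64]*big.Int{}
	for _, id := range ids {
		derived[id] = new(big.Int).Add(share(coeffs, id), adjust) // local step, no interaction
	}
	px, py := grp.ScalarBaseMult(coeffs[0].Bytes()) // original group key P
	ax, ay := grp.ScalarBaseMult(adjust.Bytes())
	wx, wy := grp.Add(px, py, ax, ay) // expected derived key
	gx, gy := grp.ScalarBaseMult(combine(derived).Bytes())
	return wx.Cmp(gx) == 0 && wy.Cmp(gy) == 0
}

func main() { fmt.Println(derivedKeyMatches(sample, big.NewInt(5555), 1, 3, 4)) }
```

The even-y normalisation that TaprootConfig applies to derived keys is not modelled here.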
func (*TaprootConfig) DeriveChild (added in v0.3.0)
func (r *TaprootConfig) DeriveChild(i uint32) (*TaprootConfig, error)
DeriveChild adjusts the shares to represent the derived public key at a certain index.
This derivation works according to BIP-32, see: https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki
Note that to do this derivation, we interpret the Taproot key as an "old" ECDSA key, with the y coordinate byte set to 0x02. We also only look at the x coordinate of the derived public key, making sure that the corresponding secret key matches the version of this point with an even y coordinate.
func (*TaprootConfig) MarshalBinary (added in v0.1.1)
func (c *TaprootConfig) MarshalBinary() ([]byte, error)
func (*TaprootConfig) UnmarshalBinary (added in v0.1.1)
func (c *TaprootConfig) UnmarshalBinary(data []byte) error