Documentation
¶
Overview ¶
Package vss provides an implementation of Verifiable Secret Sharing (VSS) using elliptic curve cryptography. It enables a secret to be split into multiple parts, with a specified threshold required to reconstruct it, while also allowing each part to be independently verified for integrity.
Index ¶
Constants ¶
const ( MaxParts = 255 MaxThreshold = 255 )
Variables ¶
This section is empty.
Functions ¶
func Combine ¶
Combine reconstructs the original secret by performing Lagrange interpolation over the provided shares. It requires an exact threshold of shares to successfully reconstruct the secret.
This function is not typically called in a Distributed Key Generation (DKG) scheme, except at disaster recovery cases, and requires collaboration of a threshold of participants.
Parameters: - curve: The elliptic curve used for calculations. - shares: The shares to combine, with x and y coordinates.
Returns: - The reconstructed secret.
func Split ¶
func Split( curve elliptic.Curve, rand io.Reader, secret *big.Int, parts, threshold int, ) ([]*Share, []*ECPoint, error)
Split divides a secret into multiple shares with a specified threshold and generates elliptic curve commitments for verification. Each share can be verified independently to ensure integrity.
This function is typically executed from the dealer.
Parameters: - curve: The elliptic curve to use for commitments and calculations. - rand: A random number generator. - secret: The secret to split. - parts: The total number of shares to generate. - threshold: The minimum number of shares required to reconstruct the secret.
Returns: - A list of shares, each with an x and y coordinate. - A list of commitments for verifying shares. - Any error encountered during share generation.
Types ¶
type Share ¶
type Share struct {
Share represents a secret share with an x-coordinate and corresponding y-coordinate, generated from a polynomial in a finite field.
func (*Share) Verify ¶
Verify checks the integrity of a share using commitments generated by the dealer from the original polynomial coefficients. It ensures that the share's y-coordinate corresponds to the polynomial evaluated at the x-coordinate.
This function is typically executed by each participant upon receiving a share along with the commitments published by a dealer.