Documentation ¶
Overview ¶
Package v0 implements the 2-of-2 threshold ECDSA signing algorithm of [Doerner, Kondi, Lee, and shelat](https://eprint.iacr.org/2018/499). For an example of use, look at sign.go.
It is currently a work in progress; do not use it in real-life scenarios yet. TODO: Docs to be completed.
Package dkls is an implementation of https://eprint.iacr.org/2018/499.pdf
Index ¶
- func DKGEncoding() (address string, id string, aBytes []byte, bBytes []byte, err error)
- func DecodeReceiver(params *Params, b []byte) (*seedOTReceiver, error)
- func DecodeSender(params *Params, b []byte) (*seedOTSender, error)
- func EncodeReceiver(r *seedOTReceiver) ([]byte, error)
- func EncodeSecret(s *SecretShare) ([]byte, error)
- func EncodeSender(s *seedOTSender) ([]byte, error)
- func InitOT() (receiver *seedOTReceiver, sender *seedOTSender, err error)
- func NewPipeWrappers() (*pipeWrapper, *pipeWrapper)
- func RunDKG() (aliceSecret *SecretShare, bobSecret *SecretShare, err error)
- func SeedOTEncoding() (aBytes []byte, bBytes []byte, err error)
- func SignAlice(secret *SecretShare, cot *seedOTReceiver, m []byte, rw io.ReadWriter) error
- func SignBob(secret *SecretShare, cot *seedOTSender, m []byte, rw io.ReadWriter) error
- type Alice
- type AliceDkg
- type AliceSign
- type Bob
- type BobDkg
- type BobSign
- type DkgResult
- type MultiplyReceiver
- type MultiplySender
- type Params
- type ProtocolIterator
- type ReceiverOTResult
- type Schnorr
- type SecretShare
- type SenderOTResult
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DKGEncoding ¶
DKGEncoding calls RunDKG and then encodes the Secrets
func DecodeReceiver ¶
DecodeReceiver decodes a Receiver object that was encoded after DKG.
func DecodeSender ¶
DecodeSender decodes a Sender field from the bob object that was encoded after DKG.
func EncodeReceiver ¶
EncodeReceiver encodes a Receiver field as a byte sequence after DKG has been completed.
func EncodeSecret ¶
func EncodeSecret(s *SecretShare) ([]byte, error)
EncodeSecret encodes a SecretShare object as a byte sequence after DKG has been completed.
func EncodeSender ¶
EncodeSender encodes a Sender field as a byte sequence after DKG has been completed.
func NewPipeWrappers ¶
func NewPipeWrappers() (*pipeWrapper, *pipeWrapper)
func RunDKG ¶
func RunDKG() (aliceSecret *SecretShare, bobSecret *SecretShare, err error)
func SeedOTEncoding ¶
SeedOTEncoding calls AliceInitOT and then encodes the Receiver and Sender
func SignAlice ¶
func SignAlice(secret *SecretShare, cot *seedOTReceiver, m []byte, rw io.ReadWriter) error
SignAlice is an illustrative helper method which shows the overall flow for Alice. in practice this will be replaced by a method which actually sends messages back and forth.
func SignBob ¶
func SignBob(secret *SecretShare, cot *seedOTSender, m []byte, rw io.ReadWriter) error
SignBob is an illustrative helper method which shows the overall flow for Bob.
Types ¶
type Alice ¶
type Alice struct {
Receiver *seedOTReceiver
}
Alice struct encoding Alice's state during one execution of the overall signing algorithm. At the end of the joint computation, Alice will NOT obtain the signature.
type AliceDkg ¶
type AliceDkg struct { AliceSecret *SecretShare // contains filtered or unexported fields }
AliceDkg DKLS DKG implementation that satisfies the protocol iterator interface.
func NewAliceDkg ¶
NewAliceDkg creates a new protocol that can compute a DKG as Alice
func (*AliceDkg) Next ¶
func (p *AliceDkg) Next(rw io.ReadWriter) error
Next runs the next step in the protocol and reports errors or increments the step index
type AliceSign ¶
type AliceSign struct {
// contains filtered or unexported fields
}
AliceSign DKLS sign implementation that satisfies the protocol iterator interface.
func NewAliceSign ¶
func NewAliceSign(params *Params, msg []byte, dkgResult []byte, otResult []byte) (*AliceSign, error)
NewAliceSign creates a new protocol that can compute a signature as Alice. Requires dkg state that was produced at the end of DKG.Result().
func NewOTReceiver ¶
NewOTReceiver populates Alice's Receiver
func (*AliceSign) Next ¶
func (p *AliceSign) Next(rw io.ReadWriter) error
Next runs the next step in the protocol and reports errors or increments the step index
func (*AliceSign) Result ¶
Result always returns errNoSig. Alice does not compute a signature in the DKLS protocol; only Bob computes the signature.
type Bob ¶
type Bob struct { // Exported fields Sender *seedOTSender Sig *curves.EcdsaSignature // The resulting digital signature // contains filtered or unexported fields }
Bob struct encoding Bob's state during one execution of the overall signing algorithm. At the end of the joint computation, Bob will obtain the signature.
type BobDkg ¶
type BobDkg struct { BobSecret *SecretShare // contains filtered or unexported fields }
BobDkg DKLS DKG implementation that satisfies the protocol iterator interface.
func (*BobDkg) Next ¶
func (p *BobDkg) Next(rw io.ReadWriter) error
Next runs the next step in the protocol and reports errors or increments the step index
type BobSign ¶
type BobSign struct {
// contains filtered or unexported fields
}
BobSign DKLS sign implementation that satisfies the protocol iterator interface.
func NewBobSign ¶
NewBobSign creates a new protocol that can compute a signature as Bob. Requires dkg state that was produced at the end of DKG.Result().
func (*BobSign) Next ¶
func (p *BobSign) Next(rw io.ReadWriter) error
Next runs the next step in the protocol and reports errors or increments the step index
func (*BobSign) Result ¶
Result If the signing protocol completed successfully, returns the signature that Bob computed as a *core.EcdsaSignature.
type MultiplyReceiver ¶
func NewMultiplyReceiver ¶
func NewMultiplyReceiver(multiplicity int, sender *seedOTSender) *MultiplyReceiver
func (*MultiplyReceiver) MultiplyInit ¶
MultiplyInit Protocol 5., Multiplication, 3). Bob (receiver) encodes beta and initiates the cOT extension!
func (*MultiplyReceiver) MultiplyTransfer ¶
func (receiver *MultiplyReceiver) MultiplyTransfer(r io.Reader) error
MultiplyTransfer Protocol 5., Multiplication, 3) and 6). Bob finalizes the cOT extension. using that and Alice's multiplication message, Bob completes the multiplication protocol, including checks. at the end, Bob's values tB_j are populated.
type MultiplySender ¶
func NewMultiplySender ¶
func NewMultiplySender(multiplicity int, receiver *seedOTReceiver) *MultiplySender
func (*MultiplySender) Multiply ¶
func (sender *MultiplySender) Multiply(idExt [32]byte, alpha []*big.Int, rw io.ReadWriter) error
Multiply Protocol 5., steps 3) 5), 7). Alice _responds_ to Bob's initial cOT message, using a vector of alphas as input. doesn't actually send that message yet, only stashes it, and moves onto the next steps of the multiplication protocol specifically, Alice can then do step 5) (compute the outputs of the multiplication protocol), also stashes this. finishes up by taking care of 7), after that, Alice is totally done with multiplication and has stashed the outputs.
type Params ¶
type ProtocolIterator ¶
type ProtocolIterator interface { // Next runs the next round of the protocol. // Inputs are read from rw.Read(); outputs are written to rw.Write(). // Returns io.EOF when protocol has completed. Next(rw io.ReadWriter) error // Result returns the final result, if any, of the completed protocol. // Reports an error if the protocol has not yet terminated // or if an error was encountered during protocol execution. Result() (interface{}, error) // SetDebug enables or disables (passing a nil value as input) debugging. // At the moment, we only print the final dkls dkg result as json value to this log, but if needed more debugging // can be added for various steps of the other protocols. SetDebug(log io.Writer) }
ProtocolIterator a generalized interface for multi-party protocols that follows the iterator pattern.
type ReceiverOTResult ¶
type ReceiverOTResult struct { OTState []byte Receiver *seedOTReceiver }
type Schnorr ¶
type Schnorr struct { Pub *curves.EcPoint // this is the public point. C *big.Int S *big.Int // contains filtered or unexported fields }
func (*Schnorr) DecommitVerify ¶
func (*Schnorr) ProveCommit ¶
this "commits to" a schnorr proof which is later revealed; see Functionality 7. it mutates `st` by adding a proof to it, and then also returns the commitment to the proof.
type SecretShare ¶
type SecretShare struct { // contains filtered or unexported fields }
func DecodeSecret ¶
func DecodeSecret(params *Params, b []byte) (*SecretShare, error)
DecodeSecret decodes a SecretShare object that was encoded after DKG.
func NewSecretShare ¶
func NewSecretShare(params *Params) *SecretShare
NewSecretShare creates a secret share.
type SenderOTResult ¶
type SenderOTResult struct { OTState []byte Sender *seedOTSender }