Documentation ¶
Overview ¶
Package pvss implements a PVSS backed commit-reveal scheme loosely based on the Scalable Randomness Attested by Public Entities protocol by Casudo and David.
In practice this implementation omits the things that make SCRAPE scalable/fast, and is just a consensus backed PVSS based beacon. The differences are as follows:
The coding theory based share verification mechanism is not implemented. The check is as in Schoenmakers' paper. This could be added at a future date for a performance gain.
The commit/reveal based fast path that skips having to recover each participant's secret if they submitted a protocol level reveal is omitted. It is possible to game the system by publishing shares for one secret and a commitment for another secret, and then choosing to reveal or not after everyone else has revealed. While this behavior is detectable, it either involves having to recover the secret from the shares anyway rendering the optimization moot, or having a userbase that understands that slashing is integral to the security of the system.
Index ¶
- func NewKeyPair() (*Scalar, *Point, error)
- type Commit
- type CommitShare
- type CommitState
- type Config
- type Instance
- func (inst *Instance) Commit() (*Commit, error)
- func (inst *Instance) MayRecover() (bool, int)
- func (inst *Instance) MayReveal() (bool, int)
- func (inst *Instance) OnCommit(commit *Commit) error
- func (inst *Instance) OnReveal(reveal *Reveal) error
- func (inst *Instance) Recover() ([]byte, []int, error)
- func (inst *Instance) Reveal() (*Reveal, error)
- func (inst *Instance) SetScalar(privateKey *Scalar) error
- type Point
- type PubVerShare
- type Reveal
- type Scalar
- func (s *Scalar) Inner() kyber.Scalar
- func (s *Scalar) LoadOrGeneratePEM(fn string) error
- func (s Scalar) MarshalBinary() ([]byte, error)
- func (s Scalar) MarshalPEM() ([]byte, error)
- func (s *Scalar) Point() Point
- func (s *Scalar) UnmarshalBinary(data []byte) error
- func (s *Scalar) UnmarshalPEM(data []byte) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewKeyPair ¶
NewKeyPair creates a new scalar/point pair for use with a PVSS instance.
Types ¶
type CommitState ¶
type CommitState struct { Commit *Commit `json:"commit"` }
CommitState is a PVSS commit and the corresponding decrypted share, if any.
type Config ¶
type Config struct { // PrivateKey is the scalar to use as the private key. PrivateKey *Scalar // Participants is the vector of public keys of all participants // in the protocol. // // Note: This must be in consistent order across all participants, // and include the public point generated from `PrivateKey`, if // this config is for a participant. Participants []Point // Threshold is the threshold to use for specifying the // minimum number of commits and reveals required for the // protocol to proceed. This value is also used as the threshold // for the underling PVSS scheme. Threshold int }
Config is the configuration for an execution of the PVSS protocol.
type Instance ¶
type Instance struct { Participants []Point `json:"participants"` Commits map[int]*CommitState `json:"commits"` Reveals map[int]*Reveal `json:"reveals"` Threshold int `json:"threshold"` // contains filtered or unexported fields }
Instance is an instance of the PVSS protocol.
func (*Instance) Commit ¶
Commit executes the commit phase of the protocol, generating a commitment message to be broadcasted to all participants.
func (*Instance) MayRecover ¶
MayRecover returns true iff it is possible to proceed to the recovery step, and the total number of distinct valid reveals received.
func (*Instance) MayReveal ¶
MayReveal returns true iff it is possible to proceed to the reveal step, and the total number of distinct valid commitments received.
func (*Instance) OnCommit ¶
OnCommit processes a commitment message received from a participant.
Note: This assumes that the commit is authentic and attributable.
func (*Instance) OnReveal ¶
OnReveal processes a reveal message received from a participant.
Note: This assumes that the reveal is authentic and attributable.
func (*Instance) Recover ¶
Recover executes the recovery phase of the protocol, returning the resulting composite entropy and the indexes of the participants that contributed fully.
type Point ¶
type Point struct {
// contains filtered or unexported fields
}
Point is an elliptic curve point.
func (*Point) LoadPEM ¶
LoadPEM loads a point from a PEM file on disk. Iff the point is missing and a Scalar is provided, the Scalar's corresponding point will be written and loaded.
func (Point) MarshalBinary ¶
MarshalBinary implements the encoding.BinaryMarshaler interface.
func (Point) MarshalPEM ¶
MarshalPEM encodes a point into PEM form.
func (*Point) UnmarshalBinary ¶
UnmarshalBinary implements the encoding.BinaryUnmarshaler interface.
func (*Point) UnmarshalPEM ¶
UnmarshalPEM decodes a PEM marshaled point.
type PubVerShare ¶
type PubVerShare struct {}
PubVerShare is a public verifiable share (`pvss.PubVerShare`)
type Scalar ¶
type Scalar struct {
// contains filtered or unexported fields
}
Scalar is a scalar.
func (*Scalar) LoadOrGeneratePEM ¶
LoadOrGeneratePEM loads a scalar from a PEM file on disk. Iff the scalar is missing, a new one will be generated, written, and loaded.
func (Scalar) MarshalBinary ¶
MarshalBinary implements the encoding.BinaryMarshaler interface.
func (Scalar) MarshalPEM ¶
MarshalPEM encodes a scalar into PEM form.
func (*Scalar) UnmarshalBinary ¶
UnmarshalBinary implements the encoding.BinaryUnmarshaler interface.
func (*Scalar) UnmarshalPEM ¶
UnmarshalPEM decodes a PEM marshaled scalar.