dkg

package

v0.15.2 Latest Latest Go to latest Published: Mar 9, 2024 License: GPL-3.0 Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

Documentation ¶

Overview ¶

Package dkg implements the Distributed Key Generation (DKG) protocol of [DKLs18](https://eprint.iacr.org/2018/499.pdf). The DKG protocol is defined in "Protocol 2" page 7, of the paper. The Zero Knowledge Proof ideal functionalities are realized using schnorr proofs. Moreover, the seed OT is realized using the Verified Simplest OT protocol.

Index ¶

type Alice
- func NewAlice(curve *curves.Curve) *Alice
type AliceOutput
type Bob
- func NewBob(curve *curves.Curve) *Bob
type BobOutput
type Round2Output

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Alice ¶

type Alice struct {
	// contains filtered or unexported fields
}

Alice struct encoding Alice's state during one execution of the overall signing algorithm. At the end of the joint computation, Alice will NOT obtain the signature.

func NewAlice ¶

func NewAlice(curve *curves.Curve) *Alice

NewAlice creates a party that can participate in 2-of-2 DKG and threshold signature.

func (*Alice) Output ¶

func (alice *Alice) Output() *AliceOutput

Output returns the output of the DKG operation. Must be called after step 9. Calling it before that step has undefined behaviour.

func (*Alice) Round10DkgRound6Ot ¶

func (alice *Alice) Round10DkgRound6Ot(challengeOpenings []simplest.ChallengeOpening) error

Round10DkgRound6Ot is a thin wrapper around the 6th round of seed OT protocol.

func (*Alice) Round2CommitToProof ¶

func (alice *Alice) Round2CommitToProof(bobSeed [simplest.DigestSize]byte) (*Round2Output, error)

Round2CommitToProof steps 1) and 2) of protocol 2 on page 7.

func (*Alice) Round4VerifyAndReveal ¶

func (alice *Alice) Round4VerifyAndReveal(proof *schnorr.Proof) (*schnorr.Proof, error)

Round4VerifyAndReveal step 4 of protocol 2 on page 7.

func (*Alice) Round6DkgRound2Ot ¶

func (alice *Alice) Round6DkgRound2Ot(proof *schnorr.Proof) ([]simplest.ReceiversMaskedChoices, error)

Round6DkgRound2Ot is a thin wrapper around the 2nd round of seed OT protocol.

func (*Alice) Round8DkgRound4Ot ¶

func (alice *Alice) Round8DkgRound4Ot(challenge []simplest.OtChallenge) ([]simplest.OtChallengeResponse, error)

Round8DkgRound4Ot is a thin wrapper around the 4th round of seed OT protocol.

type AliceOutput ¶

type AliceOutput struct {
	// PublicKey is the joint public key of Alice and Bob.
	// This value is public.
	PublicKey curves.Point

	// SecretKeyShare is Alice's secret key for the joint public key.
	// This output must be kept secret. If it is lost, the users will lose access and cannot create signatures.
	SecretKeyShare curves.Scalar

	// SeedOtResult are the outputs that the receiver will obtain as a result of running the "random" OT protocol.
	// This output must be kept secret. Although, if it is lost the users can run another OT protocol and obtain
	// new values to replace it.
	SeedOtResult *simplest.ReceiverOutput
}

AliceOutput is the result of running DKG for Alice. It contains both the public and secret values that are needed for signing.

type Bob ¶

type Bob struct {
	// contains filtered or unexported fields
}

Bob struct encoding Bob's state during one execution of the overall signing algorithm. At the end of the joint computation, Bob will obtain the signature.

func NewBob ¶

func NewBob(curve *curves.Curve) *Bob

NewBob creates a party that can participate in 2-of-2 DKG and threshold signature. This party is the receiver of the signature at the end.

func (*Bob) Output ¶

func (bob *Bob) Output() *BobOutput

Output returns the output of the DKG operation. Must be called after step 9. Calling it before that step has undefined behaviour.

func (*Bob) Round1GenerateRandomSeed ¶

func (bob *Bob) Round1GenerateRandomSeed() ([simplest.DigestSize]byte, error)

Round1GenerateRandomSeed Bob flips random coins, and sends these to Alice in this round, Bob flips 32 random bytes and sends them to Alice. note that this is not _explicitly_ given as part of the protocol in https://eprint.iacr.org/2018/499.pdf, Protocol 1). rather, it is part of our generation of a unique session identifier, for use in subsequent schnorr proofs / seed OT / etc. we do it by having each party sample 32 bytes, then by appending _both_ as salts. secure if either party is honest

func (*Bob) Round3SchnorrProve ¶

func (bob *Bob) Round3SchnorrProve(round2Output *Round2Output) (*schnorr.Proof, error)

Round3SchnorrProve receives Bob's Commitment and returns schnorr statment + proof. Steps 1 and 3 of protocol 2 on page 7.

func (*Bob) Round5DecommitmentAndStartOt ¶

func (bob *Bob) Round5DecommitmentAndStartOt(proof *schnorr.Proof) (*schnorr.Proof, error)

Round5DecommitmentAndStartOt step 5 of protocol 2 on page 7.

func (*Bob) Round7DkgRound3Ot ¶

func (bob *Bob) Round7DkgRound3Ot(compressedReceiversMaskedChoice []simplest.ReceiversMaskedChoices) ([]simplest.OtChallenge, error)

Round7DkgRound3Ot is a thin wrapper around the 3rd round of seed OT protocol.

func (*Bob) Round9DkgRound5Ot ¶

func (bob *Bob) Round9DkgRound5Ot(challengeResponses []simplest.OtChallengeResponse) ([]simplest.ChallengeOpening, error)

Round9DkgRound5Ot is a thin wrapper around the 5th round of seed OT protocol.

type BobOutput ¶

type BobOutput struct {
	// PublicKey is the joint public key of Alice and Bob.
	// This value is public.
	PublicKey curves.Point

	// SecretKeyShare is Bob's secret key for the joint public key.
	// This output must be kept secret. If it is lost, the users will lose access and cannot create signatures.
	SecretKeyShare curves.Scalar

	// SeedOtResult are the outputs that the sender will obtain as a result of running the "random" OT protocol.
	// This output must be kept secret. Although, if it is lost the users can run another OT protocol and obtain
	// new values to replace it.
	SeedOtResult *simplest.SenderOutput
}

BobOutput is the result of running DKG for Bob. It contains both the public and secret values that are needed for signing.

type Round2Output ¶

type Round2Output struct {
	// Seed is the random value used to derive the joint unique session id.
	Seed [simplest.DigestSize]byte

	// Commitment is the commitment to the ZKP to Alice's secret key share.
	Commitment schnorr.Commitment
}

Round2Output contains the output of the 2nd round of DKG.

Source Files ¶

View all Source files

dkg.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL