Documentation ¶
Overview ¶
Package v0 implements the 2-of-2 threshold ECDSA signing algorithm of [Doerner, Kondi, Lee, and shelat](https://eprint.iacr.org/2018/499). For an example of use, look at sign.go.
It is currently a work in progress; do not use it in real-life scenarios yet. TODO: Docs to be completed.
Package dkls is an implementation of https://eprint.iacr.org/2018/499.pdf
Index ¶
- func EncodeAlice(a *Alice) ([]byte, error)
- func EncodeBob(b *Bob) ([]byte, error)
- func NewPipeWrappers() (*pipeWrapper, *pipeWrapper)
- type Alice
- type AliceDkg
- type AliceSign
- type Bob
- type BobDkg
- type BobSign
- type DkgResult
- type MultiplyReceiver
- type MultiplySender
- type Params
- type ProtocolIterator
- type Schnorr
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func EncodeAlice ¶
Encodes an alice object as a byte sequence after DKG has been completed.
func NewPipeWrappers ¶
func NewPipeWrappers() (*pipeWrapper, *pipeWrapper)
Types ¶
type Alice ¶
type Alice struct { PkA *Schnorr // this is a "schnorr statement" for pkA. Receiver *seedOTReceiver SkA *big.Int // the witness Pk *curves.EcPoint // contains filtered or unexported fields }
Alice struct encoding Alice's state during one execution of the overall signing algorithm. At the end of the joint computation, Alice will NOT obtain the signature.
func DecodeAlice ¶
Decodes an alice object that was encoded after DKG.
type AliceDkg ¶
type AliceDkg struct { Alice *Alice // contains filtered or unexported fields }
AliceDkg DKLS DKG implementation that satisfies the protocol iterator interface.
func NewAliceDkg ¶
NewAliceDkg creates a new protocol that can compute a DKG as Alice
func (*AliceDkg) Next ¶
func (p *AliceDkg) Next(rw io.ReadWriter) error
Next runs the next step in the protocol and reports errors or increments the step index
type AliceSign ¶
type AliceSign struct {
// contains filtered or unexported fields
}
AliceSign DKLS sign implementation that satisfies the protocol iterator interface.
func NewAliceSign ¶
Creates a new protocol that can compute a signature as Alice. Requires dkg state that was produced at the end of DKG.Result().
func (*AliceSign) Next ¶
func (p *AliceSign) Next(rw io.ReadWriter) error
Next runs the next step in the protocol and reports errors or increments the step index
type Bob ¶
type Bob struct { // Exported fields PkB *Schnorr // this is a "schnorr statement" for pkB. Sender *seedOTSender SkB *big.Int Pk *curves.EcPoint Sig *curves.EcdsaSignature // The resulting digital signature // contains filtered or unexported fields }
Bob struct encoding Bob's state during one execution of the overall signing algorithm. At the end of the joint computation, Bob will obtain the signature.
type BobDkg ¶
type BobDkg struct { Bob *Bob // contains filtered or unexported fields }
BobDkg DKLS DKG implementation that satisfies the protocol iterator interface.
func (*BobDkg) Next ¶
func (p *BobDkg) Next(rw io.ReadWriter) error
Next runs the next step in the protocol and reports errors or increments the step index
type BobSign ¶
type BobSign struct {
// contains filtered or unexported fields
}
BobSign DKLS sign implementation that satisfies the protocol iterator interface.
func NewBobSign ¶
NewBobSign creates a new protocol that can compute a signature as Bob. Requires dkg state that was produced at the end of DKG.Result().
func (*BobSign) Next ¶
func (p *BobSign) Next(rw io.ReadWriter) error
Next runs the next step in the protocol and reports errors or increments the step index
type MultiplyReceiver ¶
func NewMultiplyReceiver ¶
func NewMultiplyReceiver(multiplicity int, sender *seedOTSender) *MultiplyReceiver
func (*MultiplyReceiver) MultiplyInit ¶
MultiplyInit Protocol 5., Multiplication, 3). Bob (receiver) encodes beta and initiates the cOT extension!
func (*MultiplyReceiver) MultiplyTransfer ¶
func (receiver *MultiplyReceiver) MultiplyTransfer(r io.Reader) error
MultiplyTransfer Protocol 5., Multiplication, 3) and 6). Bob finalizes the cOT extension. using that and Alice's multiplication message, Bob completes the multiplication protocol, including checks. at the end, Bob's values tB_j are populated.
type MultiplySender ¶
func NewMultiplySender ¶
func NewMultiplySender(multiplicity int, receiver *seedOTReceiver) *MultiplySender
func (*MultiplySender) Multiply ¶
func (sender *MultiplySender) Multiply(idExt [32]byte, alpha []*big.Int, rw io.ReadWriter) error
Multiply Protocol 5., steps 3) 5), 7). Alice _responds_ to Bob's initial cOT message, using a vector of alphas as input. doesn't actually send that message yet, only stashes it, and moves onto the next steps of the multiplication protocol specifically, Alice can then do step 5) (compute the outputs of the multiplication protocol), also stashes this. finishes up by taking care of 7), after that, Alice is totally done with multiplication and has stashed the outputs.
type Params ¶
type ProtocolIterator ¶
type ProtocolIterator interface { // Next runs the next round of the protocol. // Inputs are read from rw.Read(); outputs are written to rw.Write(). // Returns io.EOF when protocol has completed. Next(rw io.ReadWriter) error // Result returns the final result, if any, of the completed protocol. // Reports an error if the protocol has not yet terminated // or if an error was encountered during protocol execution. Result() (interface{}, error) // SetDebug enables or disables (passing a nil value as input) debugging. // At the moment, we only print the final dkls dkg result as json value to this log, but if needed more debugging // can be added for various steps of the other protocols. SetDebug(log io.Writer) }
ProtocolIterator a generalized interface for multi-party protocols that follows the iterator pattern.
type Schnorr ¶
type Schnorr struct { Pub *curves.EcPoint // this is the public point. C *big.Int S *big.Int // contains filtered or unexported fields }
func (*Schnorr) DecommitVerify ¶
func (*Schnorr) ProveCommit ¶
this "commits to" a schnorr proof which is later revealed; see Functionality 7. it mutates `st` by adding a proof to it, and then also returns the commitment to the proof.