participant

package
v0.0.0-...-62736aa Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 3, 2023 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Package participant is an implementation of a `participant` in the t-of-n threshold signature of https://eprint.iacr.org/2020/540.pdf

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type DkgParticipant

type DkgParticipant struct {
	Curve elliptic.Curve

	Round uint
	// contains filtered or unexported fields
}

DkgParticipant is a DKG player that contains information needed to perform DKG rounds and finally get info for signing rounds.

func (*DkgParticipant) DkgRound1

func (dp *DkgParticipant) DkgRound1(threshold, total uint32) (*DkgRound1Bcast, error)

DkgRound1 performs round 1 distributed key generation operation [spec] fig 5: DistKeyGenRound1

func (*DkgParticipant) DkgRound2

func (dp *DkgParticipant) DkgRound2(params map[uint32]*DkgRound1Bcast) (*DkgRound2Bcast, map[uint32]*DkgRound2P2PSend, error)

DkgRound2 implements distributed key generation round 2 [spec] fig 5: DistKeyGenRound2

func (*DkgParticipant) DkgRound3

func (dp *DkgParticipant) DkgRound3(d map[uint32]*core.Witness, x map[uint32]*v1.ShamirShare) (paillier.PsfProof, error)

DkgRound3 computes dkg round 3 as shown in [spec] fig. 5: DistKeyGenRoun3

func (*DkgParticipant) DkgRound4

func (dp *DkgParticipant) DkgRound4(psfProof map[uint32]paillier.PsfProof) (*DkgResult, error)

DkgRound4 computes dkg round 4 as shown in [spec] fig. 5: DistKeyGenRound4

type DkgParticipantData

type DkgParticipantData struct {
	PublicKey   *paillier.PublicKey
	ProofParams *dealer.ProofParams
}

type DkgResult

type DkgResult struct {
	PublicShares    []*curves.EcPoint
	VerificationKey *curves.EcPoint
	SigningKeyShare *big.Int
	EncryptionKey   *paillier.SecretKey
	ParticipantData map[uint32]*DkgParticipantData
}

DkgResult is all the data generated from the DKG

type DkgRound1Bcast

type DkgRound1Bcast struct {
	Identifier       uint32
	Ci               core.Commitment
	Pki              *paillier.PublicKey
	H1i, H2i, Ni     *big.Int
	Proof1i, Proof2i *proof.CdlProof
}

DkgRound1Bcast contains values to be broadcast to all players after the completion of DKG round 1

type DkgRound2Bcast

type DkgRound2Bcast struct {
	Di *core.Witness
}

DkgRound2Bcast contains value that will be echo broadcast to all other players.

type DkgRound2P2PSend

type DkgRound2P2PSend struct {
	// contains filtered or unexported fields
}

DkgRound2P2PSend contains value that will be P2PSend to all other player Pj

type P2PSend

type P2PSend struct {
	Proof2, Proof3 proof.ResponseFinalizer
}

P2PSend is all the values that need to be sent to each player

func (*P2PSend) UnmarshalJSON

func (p2ps *P2PSend) UnmarshalJSON(bytes []byte) error

UnmarshalJSON explicitly unmarshals into ResponseProofs instead of ResponsFinalizer interface

type Participant

type Participant struct {
	dealer.Share
	Sk *paillier.SecretKey
}

Participant is a tECDSA player that receives information from a trusted dealer

func (Participant) PrepareToSign

func (p Participant) PrepareToSign(pubKey *curves.EcPoint,
	verify curves.EcdsaVerify,
	curve elliptic.Curve,
	keyGenType dealer.KeyGenType,
	publicSharesMap map[uint32]*dealer.PublicShare,
	pubKeys map[uint32]*paillier.PublicKey) (*Signer, error)

PrepareToSign creates a Signer out of a Participant. The expected co-signers for the signing rounds are expected to be exactly those included in the publicSharesMap

type Round1Bcast

type Round1Bcast struct {
	Identifier uint32
	C          core.Commitment
	Ctxt       *big.Int
	Proof      *proof.Range1Proof
}

Round1Bcast contains values to be broadcast to all players after the completion of singing round 1

type Round1P2PSend

type Round1P2PSend = proof.Range1Proof

type Round3Bcast

type Round3Bcast struct {
	// contains filtered or unexported fields
}

Round3Bcast represents the value to be broadcast to all players at the conclusion of round 3

func (Round3Bcast) MarshalJSON

func (r3b Round3Bcast) MarshalJSON() ([]byte, error)

func (*Round3Bcast) UnmarshalJSON

func (r3b *Round3Bcast) UnmarshalJSON(data []byte) error

type Round3BcastJSON

type Round3BcastJSON struct {
	DeltaElement *big.Int
}

Round3Bcast represents the value to be broadcast to all players at the conclusion of round 3

type Round4Bcast

type Round4Bcast struct {
	Witness *core.Witness
}

Round4Bcast are the values to be broadcast to the other players at the conclusion of signing round 4

type Round5Bcast

type Round5Bcast struct {
	Rbar  *curves.EcPoint
	Proof *proof.PdlProof
}

Round5Bcast are the values to be broadcast to the other players at the conclusion of signing round 5

type Round5P2PSend

type Round5P2PSend = proof.PdlProof

Round5P2PSend are the values sent to each participant at the conclusion of signing round 5

type Round6FullBcast

type Round6FullBcast struct {
	// contains filtered or unexported fields
}

Round6FullBcast are the values to be broadcast to the other players This is the s_i value from §5.fig 5.SignRound6.step 9

func (Round6FullBcast) MarshalJSON

func (r6b Round6FullBcast) MarshalJSON() ([]byte, error)

func (*Round6FullBcast) UnmarshalJSON

func (r6b *Round6FullBcast) UnmarshalJSON(data []byte) error

type Round6FullBcastJSON

type Round6FullBcastJSON struct {
	SElement *big.Int
}

Round6FullBcast are the values to be broadcast to the other players This is the s_i value from §5.fig 5.SignRound6.step 9

type Signer

type Signer struct {
	PublicKey *curves.EcPoint
	Curve     elliptic.Curve
	Round     uint // current signing round in our linear state machine
	// contains filtered or unexported fields
}

Signer is a tECDSA player that holds the additive shares needed for performing the signing operation

func NewSigner

func NewSigner(info *dealer.ParticipantData, cosigners []uint32) (*Signer, error)

NewSigner C=creates a new signer from a dealer-provided output and a specific set of co-signers

func (*Signer) SignOutput

func (signer *Signer) SignOutput(in map[uint32]*Round6FullBcast) (*curves.EcdsaSignature, error)

SignOutput performs the signature aggregation step in [spec] §5.fig 5

func (*Signer) SignRound1

func (signer *Signer) SignRound1() (*Round1Bcast, map[uint32]*Round1P2PSend, error)

SignRound1 performs round 1 signing operation Trusted Dealer Mode: see [spec] fig 7: SignRound1 DKG Mode: see [spec] fig 8: SignRound1 NOTE: Pseudocode shows N~, h1, h2, the curve's g, q, and signer's public key as inputs Since `signer` already knows the paillier secret and public keys, this input is not necessary here `participant.PrepareToSign` receives the other inputs and stores them as state variables.

func (*Signer) SignRound2

func (signer *Signer) SignRound2(params map[uint32]*Round1Bcast, p2p map[uint32]*Round1P2PSend) (map[uint32]*P2PSend, error)

SignRound2 performs round 2 signing operations for a single signer Trusted Dealer Mode: see [spec] fig 7: SignRound2 DKG Mode: see [spec] fig 8: SignRound2

func (*Signer) SignRound3

func (s *Signer) SignRound3(in map[uint32]*P2PSend) (*Round3Bcast, error)

SignRound3 performs the round 3 signing operation according to Trusted Dealer Mode: see [spec] fig 7: SignRound3 DKG Mode: see [spec] fig 8: SignRound3

func (*Signer) SignRound4

func (s *Signer) SignRound4(deltas map[uint32]*Round3Bcast) (*Round4Bcast, error)

SignRound4 performs the round 4 signing operation. It takes input the delta_j values broadcast from signers at the conclusion of round 3. Trusted Dealer Mode: see [spec] fig 7: SignRound4 DKG Mode: see [spec] fig 8: SignRound4

func (*Signer) SignRound5

func (signer *Signer) SignRound5(witnesses map[uint32]*Round4Bcast) (*Round5Bcast, map[uint32]*Round5P2PSend, error)

SignRound5 performs the round 5 signing operation. It takes input the Witness values broadcast from signers at the conclusion of round 4. Trusted Dealer Mode: see [spec] fig 7: SignRound5 DKG Mode: see [spec] fig 8: SignRound5

func (*Signer) SignRound6Full

func (signer *Signer) SignRound6Full(hash []byte, in map[uint32]*Round5Bcast, p2p map[uint32]*Round5P2PSend) (*Round6FullBcast, error)

SignRound6Full performs the round 6 signing operation according to Trusted Dealer Mode: see [spec] fig 7: SignRound6 DKG Mode: see [spec] fig 8: SignRound6

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL