Documentation ¶
Overview ¶
Package participant is an implementation of a `participant` in the t-of-n threshold signature of https://eprint.iacr.org/2020/540.pdf
Index ¶
- type DkgParticipant
- func (dp *DkgParticipant) DkgRound1(threshold, total uint32) (*DkgRound1Bcast, error)
- func (dp *DkgParticipant) DkgRound2(params map[uint32]*DkgRound1Bcast) (*DkgRound2Bcast, map[uint32]*DkgRound2P2PSend, error)
- func (dp *DkgParticipant) DkgRound3(d map[uint32]*core.Witness, x map[uint32]*v1.ShamirShare) (paillier.PsfProof, error)
- func (dp *DkgParticipant) DkgRound4(psfProof map[uint32]paillier.PsfProof) (*DkgResult, error)
- type DkgParticipantData
- type DkgResult
- type DkgRound1Bcast
- type DkgRound2Bcast
- type DkgRound2P2PSend
- type P2PSend
- type Participant
- type Round1Bcast
- type Round1P2PSend
- type Round3Bcast
- type Round3BcastJSON
- type Round4Bcast
- type Round5Bcast
- type Round5P2PSend
- type Round6FullBcast
- type Round6FullBcastJSON
- type Signer
- func (signer *Signer) SignOutput(in map[uint32]*Round6FullBcast) (*curves.EcdsaSignature, error)
- func (signer *Signer) SignRound1() (*Round1Bcast, map[uint32]*Round1P2PSend, error)
- func (signer *Signer) SignRound2(params map[uint32]*Round1Bcast, p2p map[uint32]*Round1P2PSend) (map[uint32]*P2PSend, error)
- func (s *Signer) SignRound3(in map[uint32]*P2PSend) (*Round3Bcast, error)
- func (s *Signer) SignRound4(deltas map[uint32]*Round3Bcast) (*Round4Bcast, error)
- func (signer *Signer) SignRound5(witnesses map[uint32]*Round4Bcast) (*Round5Bcast, map[uint32]*Round5P2PSend, error)
- func (signer *Signer) SignRound6Full(hash []byte, in map[uint32]*Round5Bcast, p2p map[uint32]*Round5P2PSend) (*Round6FullBcast, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type DkgParticipant ¶
type DkgParticipant struct { Curve elliptic.Curve Round uint // contains filtered or unexported fields }
DkgParticipant is a DKG player that contains information needed to perform DKG rounds and finally get info for signing rounds.
func (*DkgParticipant) DkgRound1 ¶
func (dp *DkgParticipant) DkgRound1(threshold, total uint32) (*DkgRound1Bcast, error)
DkgRound1 performs round 1 distributed key generation operation [spec] fig 5: DistKeyGenRound1
func (*DkgParticipant) DkgRound2 ¶
func (dp *DkgParticipant) DkgRound2(params map[uint32]*DkgRound1Bcast) (*DkgRound2Bcast, map[uint32]*DkgRound2P2PSend, error)
DkgRound2 implements distributed key generation round 2 [spec] fig 5: DistKeyGenRound2
type DkgParticipantData ¶
type DkgParticipantData struct { PublicKey *paillier.PublicKey ProofParams *dealer.ProofParams }
type DkgResult ¶
type DkgResult struct { VerificationKey *curves.EcPoint EncryptionKey *paillier.SecretKey ParticipantData map[uint32]*DkgParticipantData }
DkgResult is all the data generated from the DKG
type DkgRound1Bcast ¶
type DkgRound1Bcast struct { Identifier uint32 Ci core.Commitment Pki *paillier.PublicKey H1i, H2i, Ni *big.Int Proof1i, Proof2i *proof.CdlProof }
DkgRound1Bcast contains values to be broadcast to all players after the completion of DKG round 1
type DkgRound2Bcast ¶
DkgRound2Bcast contains value that will be echo broadcast to all other players.
type DkgRound2P2PSend ¶
type DkgRound2P2PSend struct {
// contains filtered or unexported fields
}
DkgRound2P2PSend contains value that will be P2PSend to all other player Pj
type P2PSend ¶
type P2PSend struct {
Proof2, Proof3 proof.ResponseFinalizer
}
P2PSend is all the values that need to be sent to each player
func (*P2PSend) UnmarshalJSON ¶
UnmarshalJSON explicitly unmarshals into ResponseProofs instead of ResponsFinalizer interface
type Participant ¶
Participant is a tECDSA player that receives information from a trusted dealer
func (Participant) PrepareToSign ¶
func (p Participant) PrepareToSign(pubKey *curves.EcPoint, verify curves.EcdsaVerify, curve elliptic.Curve, keyGenType dealer.KeyGenType, publicSharesMap map[uint32]*dealer.PublicShare, pubKeys map[uint32]*paillier.PublicKey) (*Signer, error)
PrepareToSign creates a Signer out of a Participant. The expected co-signers for the signing rounds are expected to be exactly those included in the publicSharesMap
type Round1Bcast ¶
type Round1Bcast struct { Identifier uint32 C core.Commitment Ctxt *big.Int Proof *proof.Range1Proof }
Round1Bcast contains values to be broadcast to all players after the completion of singing round 1
type Round1P2PSend ¶
type Round1P2PSend = proof.Range1Proof
type Round3Bcast ¶
type Round3Bcast struct {
// contains filtered or unexported fields
}
Round3Bcast represents the value to be broadcast to all players at the conclusion of round 3
func (Round3Bcast) MarshalJSON ¶
func (r3b Round3Bcast) MarshalJSON() ([]byte, error)
func (*Round3Bcast) UnmarshalJSON ¶
func (r3b *Round3Bcast) UnmarshalJSON(data []byte) error
type Round3BcastJSON ¶
Round3Bcast represents the value to be broadcast to all players at the conclusion of round 3
type Round4Bcast ¶
Round4Bcast are the values to be broadcast to the other players at the conclusion of signing round 4
type Round5Bcast ¶
Round5Bcast are the values to be broadcast to the other players at the conclusion of signing round 5
type Round5P2PSend ¶
Round5P2PSend are the values sent to each participant at the conclusion of signing round 5
type Round6FullBcast ¶
type Round6FullBcast struct {
// contains filtered or unexported fields
}
Round6FullBcast are the values to be broadcast to the other players This is the s_i value from §5.fig 5.SignRound6.step 9
func (Round6FullBcast) MarshalJSON ¶
func (r6b Round6FullBcast) MarshalJSON() ([]byte, error)
func (*Round6FullBcast) UnmarshalJSON ¶
func (r6b *Round6FullBcast) UnmarshalJSON(data []byte) error
type Round6FullBcastJSON ¶
Round6FullBcast are the values to be broadcast to the other players This is the s_i value from §5.fig 5.SignRound6.step 9
type Signer ¶
type Signer struct { PublicKey *curves.EcPoint Curve elliptic.Curve Round uint // current signing round in our linear state machine // contains filtered or unexported fields }
Signer is a tECDSA player that holds the additive shares needed for performing the signing operation
func NewSigner ¶
func NewSigner(info *dealer.ParticipantData, cosigners []uint32) (*Signer, error)
NewSigner C=creates a new signer from a dealer-provided output and a specific set of co-signers
func (*Signer) SignOutput ¶
func (signer *Signer) SignOutput(in map[uint32]*Round6FullBcast) (*curves.EcdsaSignature, error)
SignOutput performs the signature aggregation step in [spec] §5.fig 5
func (*Signer) SignRound1 ¶
func (signer *Signer) SignRound1() (*Round1Bcast, map[uint32]*Round1P2PSend, error)
SignRound1 performs round 1 signing operation Trusted Dealer Mode: see [spec] fig 7: SignRound1 DKG Mode: see [spec] fig 8: SignRound1 NOTE: Pseudocode shows N~, h1, h2, the curve's g, q, and signer's public key as inputs Since `signer` already knows the paillier secret and public keys, this input is not necessary here `participant.PrepareToSign` receives the other inputs and stores them as state variables.
func (*Signer) SignRound2 ¶
func (signer *Signer) SignRound2(params map[uint32]*Round1Bcast, p2p map[uint32]*Round1P2PSend) (map[uint32]*P2PSend, error)
SignRound2 performs round 2 signing operations for a single signer Trusted Dealer Mode: see [spec] fig 7: SignRound2 DKG Mode: see [spec] fig 8: SignRound2
func (*Signer) SignRound3 ¶
func (s *Signer) SignRound3(in map[uint32]*P2PSend) (*Round3Bcast, error)
SignRound3 performs the round 3 signing operation according to Trusted Dealer Mode: see [spec] fig 7: SignRound3 DKG Mode: see [spec] fig 8: SignRound3
func (*Signer) SignRound4 ¶
func (s *Signer) SignRound4(deltas map[uint32]*Round3Bcast) (*Round4Bcast, error)
SignRound4 performs the round 4 signing operation. It takes input the delta_j values broadcast from signers at the conclusion of round 3. Trusted Dealer Mode: see [spec] fig 7: SignRound4 DKG Mode: see [spec] fig 8: SignRound4
func (*Signer) SignRound5 ¶
func (signer *Signer) SignRound5(witnesses map[uint32]*Round4Bcast) (*Round5Bcast, map[uint32]*Round5P2PSend, error)
SignRound5 performs the round 5 signing operation. It takes input the Witness values broadcast from signers at the conclusion of round 4. Trusted Dealer Mode: see [spec] fig 7: SignRound5 DKG Mode: see [spec] fig 8: SignRound5
func (*Signer) SignRound6Full ¶
func (signer *Signer) SignRound6Full(hash []byte, in map[uint32]*Round5Bcast, p2p map[uint32]*Round5P2PSend) (*Round6FullBcast, error)
SignRound6Full performs the round 6 signing operation according to Trusted Dealer Mode: see [spec] fig 7: SignRound6 DKG Mode: see [spec] fig 8: SignRound6