crypto

package
v0.0.0-...-0599406 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 12, 2021 License: GPL-3.0 Imports: 24 Imported by: 0

Documentation

Index

Constants

View Source 
const DigestLength = 32

DigestLength sets the signature digest exact length

View Source 
const RecoveryIDOffset = 64

RecoveryIDOffset points to the byte offset within the signature that contains the recovery id.

View Source 
const SignatureLength = 64 + 1 // 64 bytes ECDSA signature + 1 byte recovery id

SignatureLength indicates the byte length required to carry a signature with recovery id.

Variables

View Source 
var G, H, ONE = BasePoints()
View Source 
var GROUP_ORDER = fr.Modulus()
View Source 
var MemKeys []*bn256.G1
View Source 
var NumNodes = 4
View Source 
var PublicKeys []*bn256.G2

// Random returns a random scalar 

func Random() *big.Int {
	v, _ := rand.Int(rand.Reader, GROUP_ORDER)
	// fmt.Println(v.String())
	return v
}
View Source 
var (
	RANDCODE []fr.Element
)
View Source 
var SecretKeys []*big.Int

Functions

func AggrHash 

func AggrHash(isets []uint64, commits G2Points, encEvals G1Points) common.Hash

AggrHash computes the hash of the aggregate data

func BasePoints 

func BasePoints() (*bls381.G2Jac, *bls381.G1Jac, *bls381.G2Jac)

BasePoints helps initialize G,H and ONE

func BlsSign 

func BlsSign(pkaggbytes []byte, sk *big.Int, memkey *bn256.G1, message []byte) *bn256.G1

func CompressPubkey 

func CompressPubkey(pubkey *ecdsa.PublicKey) []byte

CompressPubkey encodes a public key to the 33-byte compressed format.

func CreateAddress 

func CreateAddress(b common.Address, nonce uint64) common.Address

CreateAddress creates an ethereum address given the bytes and the nonce

func CreateAddress2 

func CreateAddress2(b common.Address, salt [32]byte, inithash []byte) common.Address

CreateAddress2 creates an ethereum address given the address bytes, initial contract code hash and a salt.

func DecompressPubkey 

func DecompressPubkey(pubkey []byte) (*ecdsa.PublicKey, error)

DecompressPubkey parses a public key in the 33-byte compressed format.

func DecryptShare 

func DecryptShare(share *bls381.G1Jac, secKeyInv *big.Int) *bls381.G1Jac

DecryptShare encryptedshare * secret_key.inverse()

func DleqDeriveChal 

func DleqDeriveChal(x, y, a1, a2 *bls381.G1Jac) *big.Int

DleqDeriveChal computes the dleq challenge

func DleqDeriveChalMixed 

func DleqDeriveChalMixed(x, a1 *bls381.G2Jac, y, a2 *bls381.G1Jac) *big.Int

DleqDeriveChalMixed Compute challenge on mixed group

func DleqProve 

func DleqProve(g, h, x, y *bls381.G1Jac, alpha *big.Int) (*big.Int, *big.Int)

DleqProve proves equality of discrete log for a single tuple

func DleqProveMixed 

func DleqProveMixed(g, x *bls381.G2Jac, h, y *bls381.G1Jac, alpha fr.Element) (*big.Int, *big.Int)

DleqProveMixed to compute DleqProve on mixed TODO(@sourav) Change the fr.Element to big.Int

func DleqVerifyMixed 

func DleqVerifyMixed(numProofs int, proofs NizkProofsMixed, h G1Points) bool

DleqVerifyMixed verifies a sequene of discrete logarithms

func Ecrecover 

func Ecrecover(hash, sig []byte) ([]byte, error)

Ecrecover returns the uncompressed public key that created the given signature.

func FromECDSA 

func FromECDSA(priv *ecdsa.PrivateKey) []byte

FromECDSA exports a private key into a binary dump.

func FromECDSAPub 

func FromECDSAPub(pub *ecdsa.PublicKey) []byte

func GenerateKey 

func GenerateKey() (*ecdsa.PrivateKey, error)

func GroupSetup 

func GroupSetup()

func HexToECDSA 

func HexToECDSA(hexkey string) (*ecdsa.PrivateKey, error)

HexToECDSA parses a secp256k1 private key.

func InitLagInverse 

func InitLagInverse(total int)

InitLagInverse compute inverses of constants and store them

func InitRandomCode 

func InitRandomCode(total, ths int)

InitRandomCode initializes the random codeword

func InitXPowers 

func InitXPowers(total int)

InitXPowers initializes xPowers

func Keccak256 

func Keccak256(data ...[]byte) []byte

Keccak256 calculates and returns the Keccak256 hash of the input data.

func Keccak256Hash 

func Keccak256Hash(data ...[]byte) (h common.Hash)

Keccak256Hash calculates and returns the Keccak256 hash of the input data, converting it to an internal Hash data structure.

func Keccak512 

func Keccak512(data ...[]byte) []byte

Keccak512 calculates and returns the Keccak512 hash of the input data.

func KeyAgg 

func KeyAgg(pklist []*bn256.G2) (*bn256.G2, []*big.Int)

func KeyGen 

func KeyGen() (*big.Int, *bls381.G2Jac)

KeyGen generates a fresh ed25519 keypair (sk, pk = h^sk) for a participant in the PVSS protocol

func LagrangeCoefficientScalar 

func LagrangeCoefficientScalar(i *big.Int, indices []*big.Int) fr.Element

LagrangeCoefficientScalar to compute lagrange coefficients TODO(@sourav) compute the denominators of the largrange coefficients only once and store them Not entirely sure whether computing inverse a priori is good or not as it requires multiplying large numbers

func LoadECDSA 

func LoadECDSA(file string) (*ecdsa.PrivateKey, error)

LoadECDSA loads a secp256k1 private key from the given file.

func MemKeySetup 

func MemKeySetup(apk *bn256.G2, exponents []*big.Int, SecretKeys []*big.Int) []*bn256.G1

func PubkeyToAddress 

func PubkeyToAddress(p ecdsa.PublicKey) common.Address

func Random 

func Random() fr.Element

Random returns a random scalar

func RandomCodeword 

func RandomCodeword(numNodes int, threshold int) []fr.Element

RandomCodeword returns a random dual code

func RecoverBeacon 

func RecoverBeacon(shares map[uint64]bls381.G1Jac, threshold int) bls381.G1Jac

RecoverBeacon computes the beacon output TODO(sourav): Optimize this! DOUBT: Will number of shares always be equal tp threshold?

func S256 

func S256() elliptic.Curve

S256 returns an instance of the secp256k1 curve.

func SaveECDSA 

func SaveECDSA(file string, key *ecdsa.PrivateKey) error

SaveECDSA saves a secp256k1 private key to the given file with restrictive permissions. The key data is saved hex-encoded.

func SigToPub 

func SigToPub(hash, sig []byte) (*ecdsa.PublicKey, error)

SigToPub returns the public key that created the given signature.

func Sign 

func Sign(digestHash []byte, prv *ecdsa.PrivateKey) (sig []byte, err error)

Sign calculates an ECDSA signature.

This function is susceptible to chosen plaintext attacks that can leak information about the private key that is used for signing. Callers must be aware that the given digest cannot be chosen by an adversery. Common solution is to hash any input before calculating the signature.

The produced signature is in the [R || S || V] format where V is 0 or 1.

func SignAggregator 

func SignAggregator(pklist []*bn256.G2, signlist []*bn256.G1) (*bn256.G2, *bn256.G1)

func ToECDSA 

func ToECDSA(d []byte) (*ecdsa.PrivateKey, error)

ToECDSA creates a private key with the given D value.

func ToECDSAUnsafe 

func ToECDSAUnsafe(d []byte) *ecdsa.PrivateKey

ToECDSAUnsafe blindly converts a binary blob to a private key. It should almost never be used unless you are sure the input is valid and want to avoid hitting errors due to bad origin encoding (0 prefixes cut off).

func UnmarshalPubkey 

func UnmarshalPubkey(pub []byte) (*ecdsa.PublicKey, error)

UnmarshalPubkey converts bytes to a secp256k1 public key.

func ValidateCommit 

func ValidateCommit(aggr bool, com *NodeData, pubKeys G1Points, total, ths int) error

ValidateCommit checks for correctness of a aggregated message

func ValidatePrivData 

func ValidatePrivData(rData RoundData, root common.Hash) error

ValidatePrivData validates the private data sent by the leaer TODO(@sourav): implement this function

func ValidateReconstruct 

func ValidateReconstruct(pkey, encshare, share *bls381.G1Jac, comm *bls381.G2Jac) bool

ValidateReconstruct whether a received reconstruction message is valid or not

func ValidateRoundData 

func ValidateRoundData(rData RoundData, root common.Hash) bool

ValidateRoundData validates private messages received from leader

func ValidateSignatureValues 

func ValidateSignatureValues(v byte, r, s *big.Int, homestead bool) bool

ValidateSignatureValues verifies whether the signature values are valid with the given chain rules. The v value is assumed to be either 0 or 1.

func Verify 

func Verify(nodelist []int, apk *bn256.G2, message []byte, aggpk *bn256.G2, aggsig *bn256.G1) bool

func VerifySignature 

func VerifySignature(pubkey, digestHash, signature []byte) bool

VerifySignature checks that the given public key created signature over digest. The public key should be in compressed (33 bytes) or uncompressed (65 bytes) format. The signature should have the 64 byte [R || S] format.

Types

type G1Points 

type G1Points []bls381.G1Jac

type G2Points 

type G2Points []bls381.G2Jac

type NizkProof 

type NizkProof struct {
	Commit   bls381.G1Jac
	EncEval  bls381.G1Jac
	Chal     *big.Int
	Response *big.Int
}

NizkProof is a zk-knowledege of dleq

type NizkProofMixed 

type NizkProofMixed struct {
	Commit   bls381.G2Jac
	EncEval  bls381.G1Jac
	Chal     *big.Int
	Response *big.Int
}

NizkProofMixed is a zk-knowledege of dleq during the commitment phase

type NizkProofs 

type NizkProofs []NizkProof

type NizkProofsMixed 

type NizkProofsMixed []NizkProofMixed

func ProveShareCorrectness 

func ProveShareCorrectness(shares []fr.Element, commits []bls381.G2Jac, encEvals, pubKeys []bls381.G1Jac) NizkProofsMixed

ProveShareCorrectness returns commitments to the shares and a NIZK proof (DLEQ) proofing that the encrypted_shares are correctly derived.

type NodeData 

type NodeData struct {
	Round    uint64
	Root     common.Hash
	Points   G2Points
	EncEvals G1Points
	Proofs   NizkProofsMixed
	IndexSet []uint64
}

NodeData implements the polynomial commitment type

func AggregateCommit 

func AggregateCommit(total int, indexSets []int, data []*NodeData) *NodeData

AggregateCommit aggregates polynomial commitment

func ShareRandomSecret 

func ShareRandomSecret(pubKeys G1Points, total, ths int, secret fr.Element) NodeData

ShareRandomSecret secret shares a random data TODO(@sourav) check the difference between Montgomery and Regular form, and pick on depending upon the efficiency

type Polynomial 

type Polynomial struct {
	// contains filtered or unexported fields
}

Polynomial is defined as a list of scalars

func RandomPoly 

func RandomPoly(degree int) Polynomial

RandomPoly similar to above function . But randomly chooses secret Scalar parameter

func RandomWithSecret 

func RandomWithSecret(degree int, secret *fr.Element) Polynomial

RandomWithSecret returns a polynomial with random coefficients from Zq. p(x) = c_0 + c_1*x + ... c_{degree} * x^{degree}

func (Polynomial) Eval 

func (p Polynomial) Eval(arg int) *big.Int

Eval returns the polynomial evaluation point TODO(@sourav): Check whether returning big.Int is better than returning an fr.Element

type RecData 

type RecData struct {
	Index    uint64
	DecShare bls381.G1Jac
}

RecData is the reconstruction message of a node

func ReconstructData 

func ReconstructData(enc bls381.G1Jac, secKeyInv *big.Int) RecData

ReconstructData returns the data for the reconstruction phase

type RoundData 

type RoundData struct {
	Round    uint64
	Root     common.Hash
	IndexSet []common.Address
	Proofs   NizkProofsMixed
}

RoundData stores data received from the leader

type Scalars 

type Scalars []fr.Element

Source Files

View all Source files

Directories

Path Synopsis
Package blake2b implements the BLAKE2b hash algorithm defined by RFC 7693 and the extendable output function (XOF) BLAKE2Xb.
 Package blake2b implements the BLAKE2b hash algorithm defined by RFC 7693 and the extendable output function (XOF) BLAKE2Xb.
Package bn256 implements the Optimal Ate pairing over a 256-bit Barreto-Naehrig curve.
 Package bn256 implements the Optimal Ate pairing over a 256-bit Barreto-Naehrig curve.
cloudflare
Package bn256 implements a particular bilinear group.
 Package bn256 implements a particular bilinear group.
google
Package bn256 implements a particular bilinear group.
 Package bn256 implements a particular bilinear group.
Package secp256k1 wraps the bitcoin secp256k1 C library.
 Package secp256k1 wraps the bitcoin secp256k1 C library.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.