refactor: use constant security parameters
ivokub committed Dec 12, 2023
1 parent f2aec93 commit 9c01354
Showing 6 changed files with 48 additions and 168 deletions.
8 changes: 4 additions & 4 deletions fs-dkr/src/add_party_message.rs
Expand Up @@ -44,7 +44,7 @@ use tss_core::zkproof::prm::{PiPrmProof, PiPrmStatement, PiPrmWitness};
/// Message used by new parties to join the protocol.
#[derive(Clone, Deserialize, Serialize, Debug)]
#[serde(bound = "E: Curve, H: Digest + Clone")]
pub struct JoinMessage<E: Curve, H: Digest + Clone, const M: usize> {
pub struct JoinMessage<E: Curve, H: Digest + Clone> {
pub(crate) ek: EncryptionKey,
pub(crate) dk_correctness_proof: NiCorrectKeyProof,
pub(crate) party_index: Option<u16>,
Expand Down Expand Up @@ -82,7 +82,7 @@ fn generate_dlog_statement_proofs(
))
}

impl<E: Curve, H: Digest + Clone, const M: usize> JoinMessage<E, H, M> {
impl<E: Curve, H: Digest + Clone> JoinMessage<E, H> {
pub fn set_party_index(&mut self, new_party_index: u16) {
self.party_index = Some(new_party_index);
}
Expand Down Expand Up @@ -139,9 +139,9 @@ impl<E: Curve, H: Digest + Clone, const M: usize> JoinMessage<E, H, M> {
/// (multiple parties can be added/replaced at once).
pub fn collect(
&self,
refresh_messages: &[RefreshMessage<E, H, M>],
refresh_messages: &[RefreshMessage<E, H>],
paillier_key: Keys,
join_messages: &[JoinMessage<E, H, M>],
join_messages: &[JoinMessage<E, H>],
new_t: u16,
new_n: u16,
current_t: u16,
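Review bot: Dropping the `const M: usize` generic from `JoinMessage` removes the compile-time guarantee that every party's message was built with the same statistical-security parameter; the value presumably now lives in a crate constant (the commit title says so, and the old call sites passed `crate::M_SECURITY` from fs-dkr and `crate::utilities::STAT_PARAM` from the outer crate), so the two crates must now agree on that constant by convention rather than by type. The struct doc should name what fixes the proof sizes, so I would extend the comment above the derive with `/// Proof sizes are fixed by the crate-level security constant; all parties must be built with the same value.` The same note applies to `RefreshMessage` in fs-dkr/src/refresh_message.rs, which loses the generic in the same way. The `collect` signature in the last hunk continues past the hunk.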
10 changes: 5 additions & 5 deletions fs-dkr/src/refresh_message.rs
Expand Up @@ -31,7 +31,7 @@ use tss_core::{
// Everything here can be broadcasted
#[derive(Debug, Clone, Deserialize, Serialize)]
#[serde(bound = "E: Curve, H: Digest + Clone")]
pub struct RefreshMessage<E: Curve, H: Digest + Clone, const M: usize> {
pub struct RefreshMessage<E: Curve, H: Digest + Clone> {
pub(crate) old_party_index: u16,
pub(crate) party_index: u16,
pdl_proof_vec: Vec<PDLwSlackProof<E, H>>,
Expand All @@ -50,13 +50,13 @@ pub struct RefreshMessage<E: Curve, H: Digest + Clone, const M: usize> {
pub hash_choice: HashChoice<H>,
}

impl<E: Curve, H: Digest + Clone, const M: usize> RefreshMessage<E, H, M> {
impl<E: Curve, H: Digest + Clone> RefreshMessage<E, H> {
pub fn distribute(
old_party_index: u16,
local_key: &mut LocalKey<E>,
new_t: u16,
new_n: u16,
) -> FsDkrResult<(RefreshMessage<E, H, M>, DecryptionKey)> {
) -> FsDkrResult<(RefreshMessage<E, H>, DecryptionKey)> {
assert!(new_t <= new_n / 2);
let secret = local_key.keys_linear.x_i.clone();
// secret share old key
Expand Down Expand Up @@ -263,7 +263,7 @@ impl<E: Curve, H: Digest + Clone, const M: usize> RefreshMessage<E, H, M> {
}

pub fn replace(
new_parties: &[JoinMessage<E, H, M>],
new_parties: &[JoinMessage<E, H>],
key: &mut LocalKey<E>,
old_to_new_map: &HashMap<u16, u16>,
new_t: u16,
Expand Down Expand Up @@ -355,7 +355,7 @@ impl<E: Curve, H: Digest + Clone, const M: usize> RefreshMessage<E, H, M> {
refresh_messages: &[Self],
local_key: &mut LocalKey<E>,
new_dk: DecryptionKey,
join_messages: &[JoinMessage<E, H, M>],
join_messages: &[JoinMessage<E, H>],
current_t: u16,
) -> FsDkrResult<()> {
let new_n = refresh_messages.len() + join_messages.len();
67 changes: 22 additions & 45 deletions fs-dkr/src/test.rs
Expand Up @@ -39,7 +39,7 @@ mod tests {
let mut keys = simulate_keygen(t, n);

let old_keys = keys.clone();
simulate_dkr::<{ crate::M_SECURITY }>(&mut keys, None);
simulate_dkr(&mut keys, None);

// check that sum of old keys is equal to sum of new keys
let old_linear_secret_key: Vec<_> = (0..old_keys.len())
Expand Down Expand Up @@ -78,10 +78,10 @@ mod tests {
let mut keys = simulate_keygen(2, 5);
let offline_sign = simulate_offline_stage(keys.clone(), &[1, 2, 3]);
simulate_signing(offline_sign, b"ZenGo");
simulate_dkr::<{ crate::M_SECURITY }>(&mut keys, None);
simulate_dkr(&mut keys, None);
let offline_sign = simulate_offline_stage(keys.clone(), &[2, 3, 4]);
simulate_signing(offline_sign, b"ZenGo");
simulate_dkr::<{ crate::M_SECURITY }>(&mut keys, None);
simulate_dkr(&mut keys, None);
let offline_sign = simulate_offline_stage(keys, &[1, 3, 5]);
simulate_signing(offline_sign, b"ZenGo");
}
Expand All @@ -91,50 +91,39 @@ mod tests {
let mut keys = simulate_keygen(2, 5);
let offline_sign = simulate_offline_stage(keys.clone(), &[1, 2, 3]);
simulate_signing(offline_sign, b"ZenGo");
simulate_dkr_removal::<{ crate::M_SECURITY }>(
&mut keys,
[1].to_vec(),
None,
);
simulate_dkr_removal(&mut keys, [1].to_vec(), None);
let offline_sign = simulate_offline_stage(keys.clone(), &[2, 3, 4]);
simulate_signing(offline_sign, b"ZenGo");
simulate_dkr_removal::<{ crate::M_SECURITY }>(
&mut keys,
[1, 2].to_vec(),
None,
);
simulate_dkr_removal(&mut keys, [1, 2].to_vec(), None);
let offline_sign = simulate_offline_stage(keys, &[3, 4, 5]);
simulate_signing(offline_sign, b"ZenGo");
}

#[test]
fn test_add_party_with_permute() {
fn simulate_replace<const M: usize>(
fn simulate_replace(
keys: &mut Vec<LocalKey<Secp256k1>>,
party_indices: &[u16],
old_to_new_map: &HashMap<u16, u16>,
t: u16,
n: u16,
) -> FsDkrResult<()> {
fn generate_join_messages_and_keys<const M: usize>(
fn generate_join_messages_and_keys(
number_of_new_parties: usize,
) -> (Vec<JoinMessage<Secp256k1, Sha256, M>>, Vec<Keys>)
{
) -> (Vec<JoinMessage<Secp256k1, Sha256>>, Vec<Keys>) {
// the new party generates it's join message to start joining
// the computation
(0..number_of_new_parties)
.map(|_| JoinMessage::distribute().unwrap())
.unzip()
}

fn generate_refresh_parties_replace<const M: usize>(
fn generate_refresh_parties_replace(
keys: &mut [LocalKey<Secp256k1>],
old_to_new_map: &HashMap<u16, u16>,
join_messages: &[JoinMessage<Secp256k1, Sha256, M>],
) -> (
Vec<RefreshMessage<Secp256k1, Sha256, M>>,
Vec<DecryptionKey>,
) {
join_messages: &[JoinMessage<Secp256k1, Sha256>],
) -> (Vec<RefreshMessage<Secp256k1, Sha256>>, Vec<DecryptionKey>)
{
let new_n = (&keys.len() + join_messages.len()) as u16;
keys.iter_mut()
.map(|key| {
Expand All @@ -153,9 +142,7 @@ mod tests {
// each party that wants to join generates a join message and a pair
// of paillier keys.
let (mut join_messages, new_keys) =
generate_join_messages_and_keys::<{ crate::M_SECURITY }>(
party_indices.len(),
);
generate_join_messages_and_keys(party_indices.len());

// each new party has to be informed through offchannel
// communication what party index it has been assigned
Expand Down Expand Up @@ -229,14 +216,7 @@ mod tests {
old_to_new_map.insert(6, 5);

// Simulate the replace
simulate_replace::<{ crate::M_SECURITY }>(
&mut keys,
&[2, 7],
&old_to_new_map,
t,
n,
)
.unwrap();
simulate_replace(&mut keys, &[2, 7], &old_to_new_map, t, n).unwrap();
// check that sum of old keys is equal to sum of new keys
let old_linear_secret_key: Vec<_> = (0..all_keys.len())
.map(|i| all_keys[i].keys_linear.x_i.clone())
Expand Down Expand Up @@ -278,11 +258,11 @@ mod tests {
let offline_sign = simulate_offline_stage(keys.clone(), &[1, 2, 3]);
simulate_signing(offline_sign, b"ZenGo");
// Change threshold to 1 (i.e quorum size = 2).
simulate_dkr::<{ crate::M_SECURITY }>(&mut keys, Some(1));
simulate_dkr(&mut keys, Some(1));
let offline_sign = simulate_offline_stage(keys.clone(), &[3, 4]);
simulate_signing(offline_sign, b"ZenGo");
// Change threshold to back to 2 (i.e quorum size = 3).
simulate_dkr::<{ crate::M_SECURITY }>(&mut keys, Some(2));
simulate_dkr(&mut keys, Some(2));
let offline_sign = simulate_offline_stage(keys, &[1, 3, 5]);
simulate_signing(offline_sign, b"ZenGo");
}
Expand All @@ -299,17 +279,17 @@ mod tests {
simulation.run().unwrap()
}

fn simulate_dkr_removal<const M: usize>(
fn simulate_dkr_removal(
keys: &mut Vec<LocalKey<Secp256k1>>,
remove_party_indices: Vec<u16>,
new_t_option: Option<u16>,
) {
let mut broadcast_messages: HashMap<
usize,
Vec<RefreshMessage<Secp256k1, Sha256, M>>,
Vec<RefreshMessage<Secp256k1, Sha256>>,
> = HashMap::new();
let mut new_dks: HashMap<usize, DecryptionKey> = HashMap::new();
let mut refresh_messages: Vec<RefreshMessage<Secp256k1, Sha256, M>> =
let mut refresh_messages: Vec<RefreshMessage<Secp256k1, Sha256>> =
Vec::new();
let mut party_key: HashMap<usize, LocalKey<Secp256k1>> = HashMap::new();
// TODO: Verify this is correct
Expand Down Expand Up @@ -389,14 +369,11 @@ mod tests {
}
}

fn simulate_dkr<const M: usize>(
fn simulate_dkr(
keys: &mut Vec<LocalKey<Secp256k1>>,
new_t_option: Option<u16>,
) -> (
Vec<RefreshMessage<Secp256k1, Sha256, M>>,
Vec<DecryptionKey>,
) {
let mut broadcast_vec: Vec<RefreshMessage<Secp256k1, Sha256, M>> =
) -> (Vec<RefreshMessage<Secp256k1, Sha256>>, Vec<DecryptionKey>) {
let mut broadcast_vec: Vec<RefreshMessage<Secp256k1, Sha256>> =
Vec::new();
let mut new_dks: Vec<DecryptionKey> = Vec::new();
let keys_len = keys.len();
69 changes: 11 additions & 58 deletions src/refresh/rounds.rs
Expand Up @@ -15,13 +15,7 @@ use crate::utilities::sha2::Sha256;

pub enum PartyType {
Existing(Box<LocalKey<Secp256k1>>),
New(
Box<(
JoinMessage<Secp256k1, Sha256, { crate::utilities::STAT_PARAM }>,
Keys,
u16,
)>,
),
New(Box<(JoinMessage<Secp256k1, Sha256>, Keys, u16)>),
}

use super::state_machine::{Round0Messages, Round1Messages};
Expand All @@ -38,17 +32,7 @@ pub struct Round0 {
impl Round0 {
pub fn proceed<O>(self, mut output: O) -> Result<Round1>
where
O: Push<
Msg<
Option<
JoinMessage<
Secp256k1,
Sha256,
{ crate::utilities::STAT_PARAM },
>,
>,
>,
>,
O: Push<Msg<Option<JoinMessage<Secp256k1, Sha256>>>>,
{
match self.local_key_option {
Some(local_key) => {
Expand Down Expand Up @@ -112,34 +96,15 @@ pub struct Round1 {
impl Round1 {
pub fn proceed<O>(
self,
input: BroadcastMsgs<
Option<
JoinMessage<
Secp256k1,
Sha256,
{ crate::utilities::STAT_PARAM },
>,
>,
>,
input: BroadcastMsgs<Option<JoinMessage<Secp256k1, Sha256>>>,
mut output: O,
) -> Result<Round2>
where
O: Push<
Msg<
Option<
RefreshMessage<
Secp256k1,
Sha256,
{ crate::utilities::STAT_PARAM },
>,
>,
>,
>,
O: Push<Msg<Option<RefreshMessage<Secp256k1, Sha256>>>>,
{
let join_message_option_vec = input.into_vec();
let mut join_message_vec: Vec<
JoinMessage<Secp256k1, Sha256, { crate::utilities::STAT_PARAM }>,
> = Vec::new();
let mut join_message_vec: Vec<JoinMessage<Secp256k1, Sha256>> =
Vec::new();
for join_message_option in join_message_option_vec.into_iter().flatten()
{
join_message_vec.push(join_message_option)
Expand Down Expand Up @@ -210,11 +175,8 @@ impl Round1 {

pub struct Round2 {
pub party_type: PartyType,
pub join_messages:
Vec<JoinMessage<Secp256k1, Sha256, { crate::utilities::STAT_PARAM }>>,
pub refresh_message: Option<
RefreshMessage<Secp256k1, Sha256, { crate::utilities::STAT_PARAM }>,
>,
pub join_messages: Vec<JoinMessage<Secp256k1, Sha256>>,
pub refresh_message: Option<RefreshMessage<Secp256k1, Sha256>>,
pub new_paillier_decryption_key: DecryptionKey,
new_t: u16,
new_n: u16,
Expand All @@ -224,21 +186,12 @@ pub struct Round2 {
impl Round2 {
pub fn proceed(
self,
input: BroadcastMsgs<
Option<
RefreshMessage<
Secp256k1,
Sha256,
{ crate::utilities::STAT_PARAM },
>,
>,
>,
input: BroadcastMsgs<Option<RefreshMessage<Secp256k1, Sha256>>>,
) -> Result<LocalKey<Secp256k1>> {
let refresh_message_option_vec =
input.into_vec_including_me(self.refresh_message);
let mut refresh_message_vec: Vec<
RefreshMessage<Secp256k1, Sha256, { crate::utilities::STAT_PARAM }>,
> = Vec::new();
let mut refresh_message_vec: Vec<RefreshMessage<Secp256k1, Sha256>> =
Vec::new();
for refresh_message_option in
refresh_message_option_vec.into_iter().flatten()
{
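Review bot: The newly written `let mut join_message_vec: Vec<JoinMessage<Secp256k1, Sha256>> = Vec::new();` in `Round1::proceed` exists only to be filled by the push loop that follows it, so the declaration and loop can collapse into `let join_message_vec: Vec<JoinMessage<Secp256k1, Sha256>> = join_message_option_vec.into_iter().flatten().collect();`, and `Round2::proceed` has the same shape with `refresh_message_vec`. The `flatten()` silently drops every `None` entry, and the number of surviving messages appears to feed `new_n` later (`refresh_messages.len() + join_messages.len()` in fs-dkr/src/refresh_message.rs), so a one-line comment on the collecting line saying that a `None` broadcast is treated as "this party is not joining/refreshing" would spare the next reader a hunt. Both `proceed` bodies continue past their hunks.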
30 changes: 6 additions & 24 deletions src/refresh/state_machine.rs
Expand Up @@ -19,20 +19,10 @@ use crate::utilities::sha2::Sha256;
use std::{collections::HashMap, fmt, mem::replace, time::Duration};
use thiserror::Error;

pub type Round0Messages = Store<
BroadcastMsgs<
Option<
JoinMessage<Secp256k1, Sha256, { crate::utilities::STAT_PARAM }>,
>,
>,
>;
pub type Round1Messages = Store<
BroadcastMsgs<
Option<
RefreshMessage<Secp256k1, Sha256, { crate::utilities::STAT_PARAM }>,
>,
>,
>;
pub type Round0Messages =
Store<BroadcastMsgs<Option<JoinMessage<Secp256k1, Sha256>>>>;
pub type Round1Messages =
Store<BroadcastMsgs<Option<RefreshMessage<Secp256k1, Sha256>>>>;

pub struct KeyRefresh {
// Current round
Expand Down Expand Up @@ -401,16 +391,8 @@ pub struct ProtocolMessage(M);
#[derive(Debug, Clone, Serialize, Deserialize)]
#[allow(clippy::large_enum_variant)]
enum M {
Round1(
Option<
JoinMessage<Secp256k1, Sha256, { crate::utilities::STAT_PARAM }>,
>,
),
Round2(
Option<
RefreshMessage<Secp256k1, Sha256, { crate::utilities::STAT_PARAM }>,
>,
),
Round1(Option<JoinMessage<Secp256k1, Sha256>>),
Round2(Option<RefreshMessage<Secp256k1, Sha256>>),
}

// Error
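Review bot: `Round0Messages` and `Round1Messages` are public type aliases that now fit on one line each but still carry no doc comment, and the `M` enum in the later hunk is the only place that ties each message type to a round. I would add `/// Broadcast store for round 0: each party's optional JoinMessage.` above `Round0Messages` and `/// Broadcast store for round 1: each party's optional RefreshMessage.` above `Round1Messages`. What a `None` entry means for a given party is not visible from this file's hunks, so I have not put that into the proposed text.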
