mirror of
https://source.quilibrium.com/quilibrium/ceremonyclient.git
synced 2025-01-24 22:55:17 +00:00
90 lines
2.2 KiB
Go
90 lines
2.2 KiB
Go
//
|
|
// Copyright Coinbase, Inc. All Rights Reserved.
|
|
//
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
//
|
|
|
|
package gennaro
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
"source.quilibrium.com/quilibrium/monorepo/nekryptology/internal"
|
|
v1 "source.quilibrium.com/quilibrium/monorepo/nekryptology/pkg/sharing/v1"
|
|
)
|
|
|
|
// Round3Bcast contains values that will be broadcast to other participants.
|
|
type Round3Bcast = v1.ShareVerifier
|
|
|
|
// Round3 computes the third round for Gennaro DKG
|
|
// Algorithm 4 - Gennaro DKG Round 3
|
|
// bcast contains all Round2 broadcast from other participants to this participant.
|
|
func (dp *Participant) Round3(bcast map[uint32]Round2Bcast) (*Round3Bcast, *v1.ShamirShare, error) {
|
|
// Check participant is not empty
|
|
if dp == nil || dp.curve == nil {
|
|
return nil, nil, internal.ErrNilArguments
|
|
}
|
|
|
|
// Check participant has the correct dkg round number
|
|
if dp.round != 3 {
|
|
return nil, nil, internal.ErrInvalidRound
|
|
}
|
|
|
|
// Check the input is valid
|
|
if len(bcast) == 0 {
|
|
return nil, nil, internal.ErrNilArguments
|
|
}
|
|
|
|
// 1. SetBigInt Pk = R_i1
|
|
Pk := dp.pedersenResult.Verifiers[0]
|
|
|
|
// 2. for j in 1,...,n
|
|
for id := range bcast {
|
|
// 3. if i = j continue
|
|
if id == dp.id {
|
|
continue
|
|
}
|
|
|
|
// 4. If FeldmanVerify(E, xji, {R_j1,...,R_jt}) = false; abort
|
|
xji := dp.otherParticipantShares[id].Share
|
|
vs := bcast[id]
|
|
if ok, err := dp.feldman.Verify(xji, vs); !ok {
|
|
if err != nil {
|
|
return nil, nil, err
|
|
} else {
|
|
return nil, nil, fmt.Errorf("invalid share for participant #{id}")
|
|
}
|
|
}
|
|
|
|
// Store the feldman verifiers for round 4
|
|
dp.otherParticipantShares[id].Verifiers = vs
|
|
|
|
// 5. Pk = Pk+R_j1
|
|
temp, err := Pk.Add(bcast[id][0])
|
|
if err != nil {
|
|
return nil, nil, fmt.Errorf("error in computing Pk+R_j1")
|
|
} //nolint:errcheck
|
|
Pk = temp
|
|
}
|
|
|
|
// This is a sanity check to make sure nothing went wrong
|
|
// when computing the public key
|
|
if !Pk.IsOnCurve() || Pk.IsIdentity() {
|
|
return nil, nil, fmt.Errorf("invalid public key")
|
|
}
|
|
|
|
// 6. Store Pk as the public verification key
|
|
dp.verificationKey = Pk
|
|
|
|
// Update internal state
|
|
dp.round = 4
|
|
|
|
skShare := v1.ShamirShare{
|
|
Identifier: dp.id,
|
|
Value: dp.skShare,
|
|
}
|
|
|
|
// Output Pk as the public verification key
|
|
return Pk, &skShare, nil
|
|
}
|