Documentation
¶
Overview ¶
DSS implements the Distributed Schnorr Signature protocol from the paper "Provably Secure Distributed Schnorr Signatures and a (t, n) Threshold Scheme for Implicit Certificates". https://dl.acm.org/citation.cfm?id=678297 To generate a distributed signature from a group of participants, the group must first generate one longterm distributed secret with the share/dkg package, and then one random secret to be used only once. Each participant then creates a DSS struct, that can issue partial signatures with `dss.PartialSignature()`. These partial signatures can be broadcasted to the whole group or to a trusted combiner. Once one has collected enough partial signature, it is possible to compute the distributed signature with the `Signature` method. The resulting signature is compatible with the EdDSA verification function. against the longterm distributed key.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type DSS ¶
type DSS struct {
T int
// contains filtered or unexported fields
}
DSS holds the information used to issue partial signatures as well as to compute the distributed schnorr signature.
func NewDSS ¶
func NewDSS(suite abstract.Suite, secret abstract.Scalar, participants []abstract.Point, long, random *dkg.DistKeyShare, msg []byte, T int) (*DSS, error)
NewDSS returns a DSS struct out of the suite, the longterm secret of this node, the list of participants, the longterm and random distributed key (generated by the dkg package), the message to sign and finally the T threshold. It returns an error if the public key of the secret can't be found in the list of participants.
func (*DSS) EnoughPartialSig ¶
EnoughPartialSig returns true if there is enough partial signature to compute the distributed signature. It returns false otherwise. If there is enough partial signatures, one can issue the signature with `Signature()`.
func (*DSS) PartialSig ¶
func (d *DSS) PartialSig() (*PartialSig, error)
PartialSig generates the partial signature related to this DSS. This PartialSig can be broadcasted to every other participants or only to a trusted *combiner* as described in the paper. The signature format is compatible with EdDSA verification implementations The PartialSig can be broadcasted to every other peers or to a trusted combiner which collects all partial signatures to compute the distributed signature.
func (*DSS) ProcessPartialSig ¶
func (d *DSS) ProcessPartialSig(ps *PartialSig) error
ProcessPartialSig takes a PartialSig from another participant and stores it for generating the distributed signature. It returns an error if the index is wrong, or the signature is invalid or if a partial signature has already been received by the same peer. To know whether the distributed signature can be computed after this call, one can use the `EnoughPartialSigs` method.
type PartialSig ¶
PartialSig is partial representation of the final distributed signature. It must be sent to each other participants.
Source Files