cggmp21

package
v1.20.6 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 4, 2025 License: BSD-3-Clause Imports: 10 Imported by: 0

Documentation

Overview

Package cggmp21 implements the CGGMP21 threshold ECDSA protocol Reference: "UC Non-Interactive, Proactive, Threshold ECDSA with Identifiable Aborts" by Canetti, Gennaro, Goldfeder, Makriyannis, and Peled (2021)

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GeneratePaillierKeyPair 

func GeneratePaillierKeyPair(bits int) (*PaillierPrivateKey, *PaillierPublicKey, error)

GeneratePaillierKeyPair generates a new Paillier keypair

func L 

func L(x, n *big.Int) *big.Int

L computes L(x) = (x-1)/n

func VerifyKnowledge 

func VerifyKnowledge(proof *ZKProof, ciphertext *big.Int) bool

VerifyKnowledge verifies a ZK proof of plaintext knowledge

func VerifySignature 

func VerifySignature(pubKey *ecdsa.PublicKey, message []byte, sig *Signature) bool

VerifySignature verifies a threshold signature

Types

type Config 

type Config struct {
	Threshold      int // t: Threshold (t+1 parties needed to sign)
	TotalParties   int // n: Total number of parties
	Curve          elliptic.Curve
	SessionTimeout int64 // Timeout for protocol rounds
}

Config contains CGGMP21 protocol configuration

type ECPoint 

type ECPoint struct {
	X, Y *big.Int
}

ECPoint represents an elliptic curve point

func ScalarBaseMult 

func ScalarBaseMult(curve elliptic.Curve, k *big.Int) *ECPoint

type IdentifiableAbort 

type IdentifiableAbort struct {
	AbortingParty int
	Round         int
	Proof         []byte
}

IdentifiableAbort contains information about a misbehaving party

type PaillierPrivateKey 

type PaillierPrivateKey struct {
	PublicKey *PaillierPublicKey
	Lambda    *big.Int // lcm(p-1, q-1)
	Mu        *big.Int // modular multiplicative inverse
	P         *big.Int // prime p
	Q         *big.Int // prime q
}

PaillierPrivateKey represents a Paillier private key

func (*PaillierPrivateKey) Decrypt 

func (priv *PaillierPrivateKey) Decrypt(ciphertext *big.Int) (*big.Int, error)

Decrypt decrypts a ciphertext using Paillier decryption

type PaillierPublicKey 

type PaillierPublicKey struct {
	N   *big.Int // n = p*q
	NSq *big.Int // n^2
	G   *big.Int // generator (typically n+1)
}

PaillierPublicKey represents a Paillier public key

func (*PaillierPublicKey) Add 

func (pub *PaillierPublicKey) Add(c1, c2 *big.Int) *big.Int

Add performs homomorphic addition of two ciphertexts

func (*PaillierPublicKey) Encrypt 

func (pub *PaillierPublicKey) Encrypt(plaintext *big.Int) (*big.Int, error)

Encrypt encrypts a plaintext using Paillier encryption

func (*PaillierPublicKey) Multiply 

func (pub *PaillierPublicKey) Multiply(ciphertext, constant *big.Int) *big.Int

Multiply performs homomorphic multiplication by a constant

type Party 

type Party struct {
	ID     ids.NodeID
	Index  int
	Config *Config

	// Key material
	Xi           *big.Int         // Secret key share
	PublicKey    *ecdsa.PublicKey // Group public key
	PublicShares map[int]*big.Int // Public key shares from all parties

	// Paillier keys for ZK proofs
	PaillierSK  *PaillierPrivateKey
	PaillierPKs map[int]*PaillierPublicKey
	// contains filtered or unexported fields
}

Party represents a participant in the CGGMP21 protocol

func NewParty 

func NewParty(id ids.NodeID, index int, config *Config, log log.Logger) (*Party, error)

NewParty creates a new CGGMP21 party

func (*Party) Finalize 

func (p *Party) Finalize(sessionID string, round4msgs map[int]*Round4Message) (*Signature, error)

Finalize computes the final signature

func (*Party) InitiateSign 

func (p *Party) InitiateSign(sessionID string, message []byte) (*SigningSession, error)

InitiateSign starts a new signing session

func (*Party) KeyGen 

func (p *Party) KeyGen(parties []int) error

KeyGen performs distributed key generation

func (*Party) Round1_Commitment 

func (p *Party) Round1_Commitment(sessionID string) ([]byte, error)

Round1_Commitment generates and broadcasts commitment

func (*Party) Round2_Reveal 

func (p *Party) Round2_Reveal(sessionID string, commitments map[int][]byte) (*Round2Message, error)

Round2_Reveal reveals gamma values after receiving all commitments

func (*Party) Round3_Multiply 

func (p *Party) Round3_Multiply(sessionID string, reveals map[int]*Round2Message) (*Round3Message, error)

Round3_Multiply performs multiplication phase

func (*Party) Round4_Open 

func (p *Party) Round4_Open(sessionID string, round3msgs map[int]*Round3Message) (*Round4Message, error)

Round4_Open performs the opening phase

type Round2Message 

type Round2Message struct {
	FromIndex int
	BigGammaI *ECPoint
}

type Round3Message 

type Round3Message struct {
	FromIndex int
	BigDeltaI *ECPoint
}

type Round4Message 

type Round4Message struct {
	FromIndex int
	DeltaI    *big.Int
}

type Signature 

type Signature struct {
	R *big.Int
	S *big.Int
}

Signature represents an ECDSA signature

type SigningSession 

type SigningSession struct {
	SessionID   string
	Message     []byte
	MessageHash *big.Int

	// Round 1: Commitment
	Ki             *big.Int // k_i (nonce share)
	Gammai         *big.Int // gamma_i (random mask)
	CommitmentSent bool
	Commitments    map[int][]byte // Received commitments

	// Round 2: Reveal
	RevealsSent    bool
	GammaShares    map[int]*big.Int // gamma_j values
	BigGammaShares map[int]*ECPoint // [gamma_j]G points

	// Round 3: Multiplication
	DeltaShare     *big.Int         // delta_i = k_i * gamma_i
	ChiShare       *big.Int         // chi_i = x_i * k_i
	BigDeltaShares map[int]*ECPoint // [delta_j]G points

	// Round 4: Opening
	Deltas map[int]*big.Int // delta_j values
	BigRx  *ECPoint         // R_x point

	// Final signature
	R *big.Int
	S *big.Int

	// Abort handling
	AbortingParties []int
}

SigningSession represents an active signing session

type ZKProof 

type ZKProof struct {
	E   *big.Int // Commitment
	Z   *big.Int // Response
	Pub *PaillierPublicKey
}

ZKProof represents a zero-knowledge proof of plaintext knowledge

func ProveKnowledge 

func ProveKnowledge(pub *PaillierPublicKey, plaintext, randomness *big.Int) (*ZKProof, error)

ProveKnowledge creates a ZK proof of plaintext knowledge

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.