pvss

package
v0.2103.14 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 6, 2022 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Overview

Package pvss implements a PVSS backed commit-reveal scheme loosely based on the Scalable Randomness Attested by Public Entities protocol by Casudo and David.

In practice this implementation omits the things that make SCRAPE scalable/fast, and is just a consensus backed PVSS based beacon. The differences are as follows:

  • The coding theory based share verification mechanism is not implemented. The check is as in Schoenmakers' paper. This could be added at a future date for a performance gain.

  • The commit/reveal based fast path that skips having to recover each participant's secret if they submitted a protocol level reveal is omitted. It is possible to game the system by publishing shares for one secret and a commitment for another secret, and then choosing to reveal or not after everyone else has revealed. While this behavior is detectable, it either involves having to recover the secret from the shares anyway rendering the optimization moot, or having a userbase that understands that slashing is integral to the security of the system.

See: https://eprint.iacr.org/2017/216.pdf

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewKeyPair 

func NewKeyPair() (*Scalar, *Point, error)

NewKeyPair creates a new scalar/point pair for use with a PVSS instance.

Types

type Commit 

type Commit struct {
	Index  int            `json:"index"`
	Shares []*CommitShare `json:"shares"`
}

Commit is a PVSS commit.

type CommitShare 

type CommitShare struct {
	PolyV Point `json:"poly_v"` // Share of the public commitment polynomial
	PubVerShare
}

CommitShare is a commit share.

type CommitState 

type CommitState struct {
	Commit         *Commit      `json:"commit"`
	DecryptedShare *PubVerShare `json:"decrypted_share,omitempty"`
}

CommitState is a PVSS commit and the corresponding decrypted share, if any.

type Config 

type Config struct {
	// PrivateKey is the scalar to use as the private key.
	PrivateKey *Scalar

	// Participants is the vector of public keys of all participants
	// in the protocol.
	//
	// Note: This must be in consistent order across all participants,
	// and include the public point generated from `PrivateKey`, if
	// this config is for a participant.
	Participants []Point

	// Threshold is the threshold to use for specifying the
	// minimum number of commits and reveals required for the
	// protocol to proceed.  This value is also used as the threshold
	// for the underling PVSS scheme.
	Threshold int
}

Config is the configuration for an execution of the PVSS protocol.

type Instance 

type Instance struct {
	Participants    []Point                      `json:"participants"`
	Commits         map[int]*CommitState         `json:"commits"`
	Reveals         map[int]*Reveal              `json:"reveals"`
	DecryptedShares map[int]map[int]*PubVerShare `json:"decrypted_shares"`
	Threshold       int                          `json:"threshold"`
	// contains filtered or unexported fields
}

Instance is an instance of the PVSS protocol.

func New 

func New(cfg *Config) (*Instance, error)

New creates a new protocol instance with the provided configuration.

func (*Instance) Commit 

func (inst *Instance) Commit() (*Commit, error)

Commit executes the commit phase of the protocol, generating a commitment message to be broadcasted to all participants.

func (*Instance) MayRecover 

func (inst *Instance) MayRecover() (bool, int)

MayRecover returns true iff it is possible to proceed to the recovery step, and the total number of distinct valid reveals received.

func (*Instance) MayReveal 

func (inst *Instance) MayReveal() (bool, int)

MayReveal returns true iff it is possible to proceed to the reveal step, and the total number of distinct valid commitments received.

func (*Instance) OnCommit 

func (inst *Instance) OnCommit(commit *Commit) error

OnCommit processes a commitment message received from a participant.

Note: This assumes that the commit is authentic and attributable.

func (*Instance) OnReveal 

func (inst *Instance) OnReveal(reveal *Reveal) error

OnReveal processes a reveal message received from a participant.

Note: This assumes that the reveal is authentic and attributable.

func (*Instance) Recover 

func (inst *Instance) Recover() ([]byte, []int, error)

Recover executes the recovery phase of the protocol, returning the resulting composite entropy and the indexes of the participants that contributed fully.

func (*Instance) Reveal 

func (inst *Instance) Reveal() (*Reveal, error)

Reveal executes the reveal phase of the protocol, generating a reveal message to be broadcasted to all participants.

func (*Instance) SetScalar 

func (inst *Instance) SetScalar(privateKey *Scalar) error

SetScalar sets the private scalar belonging to an instance. Under most circumstances this will be handled by the constructor.

type Point 

type Point struct {
	// contains filtered or unexported fields
}

Point is an elliptic curve point.

func (*Point) Inner 

func (p *Point) Inner() kyber.Point

Inner returns the actual kyber.Point.

func (*Point) LoadPEM 

func (p *Point) LoadPEM(fn string, scalar *Scalar) error

LoadPEM loads a point from a PEM file on disk. Iff the point is missing and a Scalar is provided, the Scalar's corresponding point will be written and loaded.

func (Point) MarshalBinary 

func (p Point) MarshalBinary() ([]byte, error)

MarshalBinary implements the encoding.BinaryMarshaler interface.

func (Point) MarshalPEM 

func (p Point) MarshalPEM() ([]byte, error)

MarshalPEM encodes a point into PEM form.

func (*Point) MarshalText added in v0.2100.0 

func (p *Point) MarshalText() ([]byte, error)

MarshalText encodes a point into text form.

func (*Point) UnmarshalBinary 

func (p *Point) UnmarshalBinary(data []byte) error

UnmarshalBinary implements the encoding.BinaryUnmarshaler interface.

func (*Point) UnmarshalPEM 

func (p *Point) UnmarshalPEM(data []byte) error

UnmarshalPEM decodes a PEM marshaled point.

func (*Point) UnmarshalText added in v0.2100.0 

func (p *Point) UnmarshalText(text []byte) error

UnmarshalText decodes a text marshaled point.

type PubVerShare 

type PubVerShare struct {
	V Point `json:"v"` // Encrypted/decrypted share

	C  Scalar `json:"c"`  // Challenge
	R  Scalar `json:"r"`  // Response
	VG Point  `json:"vg"` // Public commitment with respect to base point G
	VH Point  `json:"vh"` // Public commitment with respect to base point H
}

PubVerShare is a public verifiable share (`pvss.PubVerShare`)

type Reveal 

type Reveal struct {
	Index           int                  `json:"index"`
	DecryptedShares map[int]*PubVerShare `json:"decrypted_shares"`
}

Reveal is a PVSS reveal.

type Scalar 

type Scalar struct {
	// contains filtered or unexported fields
}

Scalar is a scalar.

func (*Scalar) Inner 

func (s *Scalar) Inner() kyber.Scalar

Inner returns the actual kyber.Scalar.

func (*Scalar) LoadOrGeneratePEM 

func (s *Scalar) LoadOrGeneratePEM(fn string) error

LoadOrGeneratePEM loads a scalar from a PEM file on disk. Iff the scalar is missing, a new one will be generated, written, and loaded.

func (Scalar) MarshalBinary 

func (s Scalar) MarshalBinary() ([]byte, error)

MarshalBinary implements the encoding.BinaryMarshaler interface.

func (Scalar) MarshalPEM 

func (s Scalar) MarshalPEM() ([]byte, error)

MarshalPEM encodes a scalar into PEM form.

func (*Scalar) Point 

func (s *Scalar) Point() Point

Point returns the corresponding point.

func (*Scalar) UnmarshalBinary 

func (s *Scalar) UnmarshalBinary(data []byte) error

UnmarshalBinary implements the encoding.BinaryUnmarshaler interface.

func (*Scalar) UnmarshalPEM 

func (s *Scalar) UnmarshalPEM(data []byte) error

UnmarshalPEM decodes a PEM marshaled scalar.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.