Improve the terminology used around multisig

- Rename `verifying_key` (used by FROST) to `authorizing_key` (used by Iron Fish) - Drop `verifyingKey`/`authorizingKey` from the output of `createTrustedDealerKeyPackage` as it is not needed - Remove the term "coordinator" in places where it should actually be "trusted dealer" - Rename 1-letter variables
iron-fish · Feb 28, 2024 · 732cbe5 · 732cbe5
1 parent 68d91e7
commit 732cbe5
Show file tree

Hide file tree

Showing 6 changed files with 34 additions and 49 deletions.
diff --git a/ironfish-rust-nodejs/index.d.ts b/ironfish-rust-nodejs/index.d.ts
@@ -6,7 +6,7 @@
 export const IDENTITY_LEN: number
 export function createSigningCommitment(identity: string, keyPackage: string, transactionHash: Buffer, signers: Array<string>): string
 export function createSignatureShare(identity: string, keyPackage: string, signingPackage: string): string
-export function splitSecret(coordinatorSaplingKey: string, minSigners: number, identities: Array<string>): TrustedDealerKeyPackages
+export function splitSecret(spendingKey: string, minSigners: number, identities: Array<string>): TrustedDealerKeyPackages
 export function contribute(inputPath: string, outputPath: string, seed?: string | undefined | null): Promise<string>
 export function verifyTransform(paramsPath: string, newParamsPath: string): Promise<string>
 export const KEY_LENGTH: number
@@ -59,7 +59,6 @@ export interface IdentityKeyPackage {
   keyPackage: string
 }
 export interface TrustedDealerKeyPackages {
-  verifyingKey: string
   proofAuthorizingKey: string
   viewKey: string
   incomingViewKey: string

diff --git a/ironfish-rust-nodejs/src/frost.rs b/ironfish-rust-nodejs/src/frost.rs
@@ -177,35 +177,38 @@ impl ParticipantIdentity {
 
 #[napi]
 pub fn split_secret(
-    coordinator_sapling_key: String,
+    spending_key: String,
     min_signers: u16,
     identities: Vec<String>,
 ) -> Result<TrustedDealerKeyPackages> {
-    let coordinator_key = hex_to_bytes(&coordinator_sapling_key)
+    let spending_key = hex_to_bytes(&spending_key)
         .and_then(SaplingKey::new)
         .map_err(to_napi_err)?;
 
     let identities = try_deserialize_identities(identities)?;
 
-    let t = split_spender_key(&coordinator_key, min_signers, identities).map_err(to_napi_err)?;
+    let packages =
+        split_spender_key(&spending_key, min_signers, identities).map_err(to_napi_err)?;
 
-    let mut key_packages = Vec::with_capacity(t.key_packages.len());
-    for (k, v) in t.key_packages.iter() {
+    let mut key_packages = Vec::with_capacity(packages.key_packages.len());
+    for (identity, key_package) in packages.key_packages.iter() {
         key_packages.push(IdentityKeyPackage {
-            identity: bytes_to_hex(&k.serialize()),
-            key_package: bytes_to_hex(&v.serialize().map_err(to_napi_err)?),
+            identity: bytes_to_hex(&identity.serialize()),
+            key_package: bytes_to_hex(&key_package.serialize().map_err(to_napi_err)?),
         });
     }
 
-    let public_key_package = t.public_key_package.serialize().map_err(to_napi_err)?;
+    let public_key_package = packages
+        .public_key_package
+        .serialize()
+        .map_err(to_napi_err)?;
 
     Ok(TrustedDealerKeyPackages {
-        verifying_key: bytes_to_hex(&t.verifying_key),
-        proof_authorizing_key: t.proof_authorizing_key.hex_key(),
-        view_key: t.view_key.hex_key(),
-        incoming_view_key: t.incoming_view_key.hex_key(),
-        outgoing_view_key: t.outgoing_view_key.hex_key(),
-        public_address: t.public_address.hex_public_address(),
+        proof_authorizing_key: packages.proof_authorizing_key.hex_key(),
+        view_key: packages.view_key.hex_key(),
+        incoming_view_key: packages.incoming_view_key.hex_key(),
+        outgoing_view_key: packages.outgoing_view_key.hex_key(),
+        public_address: packages.public_address.hex_public_address(),
         key_packages,
         public_key_package: bytes_to_hex(&public_key_package),
     })

diff --git a/ironfish-rust-nodejs/src/structs/key_packages.rs b/ironfish-rust-nodejs/src/structs/key_packages.rs
@@ -9,10 +9,9 @@ pub struct IdentityKeyPackage {
     pub identity: String,
     pub key_package: String,
 }
-#[napi(object)]
 
+#[napi(object)]
 pub struct TrustedDealerKeyPackages {
-    pub verifying_key: String,
     pub proof_authorizing_key: String,
     pub view_key: String,
     pub incoming_view_key: String,

diff --git a/ironfish-rust/src/frost_utils/split_spender_key.rs b/ironfish-rust/src/frost_utils/split_spender_key.rs
@@ -17,10 +17,7 @@ use crate::{
 
 use super::split_secret::{split_secret, SecretShareConfig};
 
-type AuthorizingKey = [u8; 32];
-
 pub struct TrustedDealerKeyPackages {
-    pub verifying_key: AuthorizingKey, // verifying_key is the name given to this field in the frost protocol
     pub proof_authorizing_key: jubjub::Fr,
     pub view_key: ViewKey,
     pub incoming_view_key: IncomingViewKey,
@@ -31,48 +28,38 @@ pub struct TrustedDealerKeyPackages {
 }
 
 pub fn split_spender_key(
-    coordinator_sapling_key: &SaplingKey,
+    spender_key: &SaplingKey,
     min_signers: u16,
     identities: Vec<Identity>,
 ) -> Result<TrustedDealerKeyPackages, IronfishError> {
-    let secret = coordinator_sapling_key
-        .spend_authorizing_key
-        .to_bytes()
-        .to_vec();
+    let secret = spender_key.spend_authorizing_key.to_bytes().to_vec();
 
     let secret_config = SecretShareConfig {
         min_signers,
         identities,
         secret,
     };
 
-    let rng = thread_rng();
-
-    let (key_packages, public_key_package) = split_secret(&secret_config, rng)?;
+    let (key_packages, public_key_package) = split_secret(&secret_config, thread_rng())?;
 
-    let authorizing_key_bytes = public_key_package.verifying_key().serialize();
+    let proof_authorizing_key = spender_key.sapling_proof_generation_key().nsk;
 
-    let authorizing_key = Option::from(SubgroupPoint::from_bytes(&authorizing_key_bytes))
+    let authorizing_key = public_key_package.verifying_key().serialize();
+    let authorizing_key = Option::from(SubgroupPoint::from_bytes(&authorizing_key))
         .ok_or_else(|| IronfishError::new(IronfishErrorKind::InvalidAuthorizingKey))?;
-
-    let proof_authorizing_key = coordinator_sapling_key.sapling_proof_generation_key().nsk;
-
-    let nullifier_deriving_key = *PROOF_GENERATION_KEY_GENERATOR
-        * coordinator_sapling_key.sapling_proof_generation_key().nsk;
-
+    let nullifier_deriving_key =
+        *PROOF_GENERATION_KEY_GENERATOR * spender_key.sapling_proof_generation_key().nsk;
     let view_key = ViewKey {
         authorizing_key,
         nullifier_deriving_key,
     };
 
-    let incoming_view_key = coordinator_sapling_key.incoming_view_key().clone();
-
-    let outgoing_view_key: OutgoingViewKey = coordinator_sapling_key.outgoing_view_key().clone();
+    let incoming_view_key = spender_key.incoming_view_key().clone();
+    let outgoing_view_key: OutgoingViewKey = spender_key.outgoing_view_key().clone();
 
     let public_address = incoming_view_key.public_address();
 
     Ok(TrustedDealerKeyPackages {
-        verifying_key: authorizing_key_bytes,
         proof_authorizing_key,
         view_key,
         incoming_view_key,

diff --git a/ironfish/src/rpc/routes/wallet/multisig/createTrustedDealerKeyPackage.test.ts b/ironfish/src/rpc/routes/wallet/multisig/createTrustedDealerKeyPackage.test.ts
@@ -17,7 +17,12 @@ describe('Route multisig/createTrustedDealerKeyPackage', () => {
       .waitForEnd()
 
     expect(response.content).toMatchObject({
+      publicAddress: expect.any(String),
+      publicKeyPackage: expect.any(String),
+      proofAuthorizingKey: expect.any(String),
+      viewKey: expect.any(String),
       incomingViewKey: expect.any(String),
+      outgoingViewKey: expect.any(String),
       keyPackages: expect.arrayContaining([
         {
           identity: participants[0].identity,
@@ -32,12 +37,6 @@ describe('Route multisig/createTrustedDealerKeyPackage', () => {
           keyPackage: expect.any(String),
         },
       ]),
-      outgoingViewKey: expect.any(String),
-      proofAuthorizingKey: expect.any(String),
-      publicAddress: expect.any(String),
-      publicKeyPackage: expect.any(String),
-      verifyingKey: expect.any(String),
-      viewKey: expect.any(String),
     })
   })
 })
diff --git a/ironfish/src/rpc/routes/wallet/multisig/createTrustedDealerKeyPackage.ts b/ironfish/src/rpc/routes/wallet/multisig/createTrustedDealerKeyPackage.ts
@@ -13,7 +13,6 @@ export type CreateTrustedDealerKeyPackageRequest = {
   }>
 }
 export type CreateTrustedDealerKeyPackageResponse = {
-  verifyingKey: string
   proofAuthorizingKey: string
   viewKey: string
   incomingViewKey: string
@@ -42,7 +41,6 @@ export const CreateTrustedDealerKeyPackageRequestSchema: yup.ObjectSchema<Create
 export const CreateTrustedDealerKeyPackageResponseSchema: yup.ObjectSchema<CreateTrustedDealerKeyPackageResponse> =
   yup
     .object({
-      verifyingKey: yup.string().defined(),
       proofAuthorizingKey: yup.string().defined(),
       viewKey: yup.string().defined(),
       incomingViewKey: yup.string().defined(),