From 732cbe55c8d173796410a16b1c2a1284165d1f65 Mon Sep 17 00:00:00 2001 From: Andrea Date: Tue, 27 Feb 2024 15:09:54 -0800 Subject: [PATCH] Improve the terminology used around multisig - Rename `verifying_key` (used by FROST) to `authorizing_key` (used by Iron Fish) - Drop `verifyingKey`/`authorizingKey` from the output of `createTrustedDealerKeyPackage` as it is not needed - Remove the term "coordinator" in places where it should actually be "trusted dealer" - Rename 1-letter variables --- ironfish-rust-nodejs/index.d.ts | 3 +- ironfish-rust-nodejs/src/frost.rs | 31 +++++++++-------- .../src/structs/key_packages.rs | 3 +- .../src/frost_utils/split_spender_key.rs | 33 ++++++------------- .../createTrustedDealerKeyPackage.test.ts | 11 +++---- .../multisig/createTrustedDealerKeyPackage.ts | 2 -- 6 files changed, 34 insertions(+), 49 deletions(-) diff --git a/ironfish-rust-nodejs/index.d.ts b/ironfish-rust-nodejs/index.d.ts index 9edb006086..828958bc65 100644 --- a/ironfish-rust-nodejs/index.d.ts +++ b/ironfish-rust-nodejs/index.d.ts @@ -6,7 +6,7 @@ export const IDENTITY_LEN: number export function createSigningCommitment(identity: string, keyPackage: string, transactionHash: Buffer, signers: Array): string export function createSignatureShare(identity: string, keyPackage: string, signingPackage: string): string -export function splitSecret(coordinatorSaplingKey: string, minSigners: number, identities: Array): TrustedDealerKeyPackages +export function splitSecret(spendingKey: string, minSigners: number, identities: Array): TrustedDealerKeyPackages export function contribute(inputPath: string, outputPath: string, seed?: string | undefined | null): Promise export function verifyTransform(paramsPath: string, newParamsPath: string): Promise export const KEY_LENGTH: number @@ -59,7 +59,6 @@ export interface IdentityKeyPackage { keyPackage: string } export interface TrustedDealerKeyPackages { - verifyingKey: string proofAuthorizingKey: string viewKey: string incomingViewKey: string diff --git a/ironfish-rust-nodejs/src/frost.rs b/ironfish-rust-nodejs/src/frost.rs index 529bedbad2..d2ea1b0517 100644 --- a/ironfish-rust-nodejs/src/frost.rs +++ b/ironfish-rust-nodejs/src/frost.rs @@ -177,35 +177,38 @@ impl ParticipantIdentity { #[napi] pub fn split_secret( - coordinator_sapling_key: String, + spending_key: String, min_signers: u16, identities: Vec, ) -> Result { - let coordinator_key = hex_to_bytes(&coordinator_sapling_key) + let spending_key = hex_to_bytes(&spending_key) .and_then(SaplingKey::new) .map_err(to_napi_err)?; let identities = try_deserialize_identities(identities)?; - let t = split_spender_key(&coordinator_key, min_signers, identities).map_err(to_napi_err)?; + let packages = + split_spender_key(&spending_key, min_signers, identities).map_err(to_napi_err)?; - let mut key_packages = Vec::with_capacity(t.key_packages.len()); - for (k, v) in t.key_packages.iter() { + let mut key_packages = Vec::with_capacity(packages.key_packages.len()); + for (identity, key_package) in packages.key_packages.iter() { key_packages.push(IdentityKeyPackage { - identity: bytes_to_hex(&k.serialize()), - key_package: bytes_to_hex(&v.serialize().map_err(to_napi_err)?), + identity: bytes_to_hex(&identity.serialize()), + key_package: bytes_to_hex(&key_package.serialize().map_err(to_napi_err)?), }); } - let public_key_package = t.public_key_package.serialize().map_err(to_napi_err)?; + let public_key_package = packages + .public_key_package + .serialize() + .map_err(to_napi_err)?; Ok(TrustedDealerKeyPackages { - verifying_key: bytes_to_hex(&t.verifying_key), - proof_authorizing_key: t.proof_authorizing_key.hex_key(), - view_key: t.view_key.hex_key(), - incoming_view_key: t.incoming_view_key.hex_key(), - outgoing_view_key: t.outgoing_view_key.hex_key(), - public_address: t.public_address.hex_public_address(), + proof_authorizing_key: packages.proof_authorizing_key.hex_key(), + view_key: packages.view_key.hex_key(), + incoming_view_key: packages.incoming_view_key.hex_key(), + outgoing_view_key: packages.outgoing_view_key.hex_key(), + public_address: packages.public_address.hex_public_address(), key_packages, public_key_package: bytes_to_hex(&public_key_package), }) diff --git a/ironfish-rust-nodejs/src/structs/key_packages.rs b/ironfish-rust-nodejs/src/structs/key_packages.rs index d4c6070c22..7b45105ea2 100644 --- a/ironfish-rust-nodejs/src/structs/key_packages.rs +++ b/ironfish-rust-nodejs/src/structs/key_packages.rs @@ -9,10 +9,9 @@ pub struct IdentityKeyPackage { pub identity: String, pub key_package: String, } -#[napi(object)] +#[napi(object)] pub struct TrustedDealerKeyPackages { - pub verifying_key: String, pub proof_authorizing_key: String, pub view_key: String, pub incoming_view_key: String, diff --git a/ironfish-rust/src/frost_utils/split_spender_key.rs b/ironfish-rust/src/frost_utils/split_spender_key.rs index ff39e4704a..120ae06deb 100644 --- a/ironfish-rust/src/frost_utils/split_spender_key.rs +++ b/ironfish-rust/src/frost_utils/split_spender_key.rs @@ -17,10 +17,7 @@ use crate::{ use super::split_secret::{split_secret, SecretShareConfig}; -type AuthorizingKey = [u8; 32]; - pub struct TrustedDealerKeyPackages { - pub verifying_key: AuthorizingKey, // verifying_key is the name given to this field in the frost protocol pub proof_authorizing_key: jubjub::Fr, pub view_key: ViewKey, pub incoming_view_key: IncomingViewKey, @@ -31,14 +28,11 @@ pub struct TrustedDealerKeyPackages { } pub fn split_spender_key( - coordinator_sapling_key: &SaplingKey, + spender_key: &SaplingKey, min_signers: u16, identities: Vec, ) -> Result { - let secret = coordinator_sapling_key - .spend_authorizing_key - .to_bytes() - .to_vec(); + let secret = spender_key.spend_authorizing_key.to_bytes().to_vec(); let secret_config = SecretShareConfig { min_signers, @@ -46,33 +40,26 @@ pub fn split_spender_key( secret, }; - let rng = thread_rng(); - - let (key_packages, public_key_package) = split_secret(&secret_config, rng)?; + let (key_packages, public_key_package) = split_secret(&secret_config, thread_rng())?; - let authorizing_key_bytes = public_key_package.verifying_key().serialize(); + let proof_authorizing_key = spender_key.sapling_proof_generation_key().nsk; - let authorizing_key = Option::from(SubgroupPoint::from_bytes(&authorizing_key_bytes)) + let authorizing_key = public_key_package.verifying_key().serialize(); + let authorizing_key = Option::from(SubgroupPoint::from_bytes(&authorizing_key)) .ok_or_else(|| IronfishError::new(IronfishErrorKind::InvalidAuthorizingKey))?; - - let proof_authorizing_key = coordinator_sapling_key.sapling_proof_generation_key().nsk; - - let nullifier_deriving_key = *PROOF_GENERATION_KEY_GENERATOR - * coordinator_sapling_key.sapling_proof_generation_key().nsk; - + let nullifier_deriving_key = + *PROOF_GENERATION_KEY_GENERATOR * spender_key.sapling_proof_generation_key().nsk; let view_key = ViewKey { authorizing_key, nullifier_deriving_key, }; - let incoming_view_key = coordinator_sapling_key.incoming_view_key().clone(); - - let outgoing_view_key: OutgoingViewKey = coordinator_sapling_key.outgoing_view_key().clone(); + let incoming_view_key = spender_key.incoming_view_key().clone(); + let outgoing_view_key: OutgoingViewKey = spender_key.outgoing_view_key().clone(); let public_address = incoming_view_key.public_address(); Ok(TrustedDealerKeyPackages { - verifying_key: authorizing_key_bytes, proof_authorizing_key, view_key, incoming_view_key, diff --git a/ironfish/src/rpc/routes/wallet/multisig/createTrustedDealerKeyPackage.test.ts b/ironfish/src/rpc/routes/wallet/multisig/createTrustedDealerKeyPackage.test.ts index 3ec492b913..471455d1d4 100644 --- a/ironfish/src/rpc/routes/wallet/multisig/createTrustedDealerKeyPackage.test.ts +++ b/ironfish/src/rpc/routes/wallet/multisig/createTrustedDealerKeyPackage.test.ts @@ -17,7 +17,12 @@ describe('Route multisig/createTrustedDealerKeyPackage', () => { .waitForEnd() expect(response.content).toMatchObject({ + publicAddress: expect.any(String), + publicKeyPackage: expect.any(String), + proofAuthorizingKey: expect.any(String), + viewKey: expect.any(String), incomingViewKey: expect.any(String), + outgoingViewKey: expect.any(String), keyPackages: expect.arrayContaining([ { identity: participants[0].identity, @@ -32,12 +37,6 @@ describe('Route multisig/createTrustedDealerKeyPackage', () => { keyPackage: expect.any(String), }, ]), - outgoingViewKey: expect.any(String), - proofAuthorizingKey: expect.any(String), - publicAddress: expect.any(String), - publicKeyPackage: expect.any(String), - verifyingKey: expect.any(String), - viewKey: expect.any(String), }) }) }) diff --git a/ironfish/src/rpc/routes/wallet/multisig/createTrustedDealerKeyPackage.ts b/ironfish/src/rpc/routes/wallet/multisig/createTrustedDealerKeyPackage.ts index aa5564eebf..0e19ef93a6 100644 --- a/ironfish/src/rpc/routes/wallet/multisig/createTrustedDealerKeyPackage.ts +++ b/ironfish/src/rpc/routes/wallet/multisig/createTrustedDealerKeyPackage.ts @@ -13,7 +13,6 @@ export type CreateTrustedDealerKeyPackageRequest = { }> } export type CreateTrustedDealerKeyPackageResponse = { - verifyingKey: string proofAuthorizingKey: string viewKey: string incomingViewKey: string @@ -42,7 +41,6 @@ export const CreateTrustedDealerKeyPackageRequestSchema: yup.ObjectSchema = yup .object({ - verifyingKey: yup.string().defined(), proofAuthorizingKey: yup.string().defined(), viewKey: yup.string().defined(), incomingViewKey: yup.string().defined(),