refactor: use pi-prm proof in fs-dkr
ivokub committed Nov 7, 2023
1 parent 70309b2 commit b70b789
Showing 4 changed files with 50 additions and 241 deletions.
56 changes: 24 additions & 32 deletions fs-dkr/src/add_party_message.rs
Expand Up @@ -35,10 +35,9 @@ use multi_party_ecdsa::protocols::multi_party_ecdsa::gg_2020::{
};
use paillier::{Decrypt, EncryptionKey, Paillier};
use serde::{Deserialize, Serialize};
use std::{collections::HashMap, fmt::Debug};
use std::{collections::HashMap, fmt::Debug, marker::PhantomData};
use zk_paillier::zkproofs::NiCorrectKeyProof;

use crate::ring_pedersen_proof::{RingPedersenProof, RingPedersenStatement};
use tss_core::utilities::generate_safe_h1_h2_N_tilde;
use tss_core::zkproof::prm::{PiPrmProof, PiPrmStatement, PiPrmWitness};

Expand All @@ -52,8 +51,9 @@ pub struct JoinMessage<E: Curve, H: Digest + Clone, const M: usize> {
pub(crate) dlog_statement: PiPrmStatement,
pub(crate) composite_dlog_proof_base_h1: PiPrmProof,
pub(crate) composite_dlog_proof_base_h2: PiPrmProof,
pub(crate) ring_pedersen_statement: RingPedersenStatement<E, H>,
pub(crate) ring_pedersen_proof: RingPedersenProof<E, H, M>,
pub(crate) ring_pedersen_pi_prm_statement: PiPrmStatement,
pub(crate) ring_pedersen_pi_prm_proof: PiPrmProof,
pub phantom: PhantomData<(E, H)>,
}

/// Generates the DlogStatement and CompositeProofs using the parameters
Expand Down Expand Up @@ -98,13 +98,12 @@ impl<E: Curve, H: Digest + Clone, const M: usize> JoinMessage<E, H, M> {
composite_dlog_proof_base_h2,
) = generate_dlog_statement_proofs()?;

let (ring_pedersen_statement, ring_pedersen_witness) =
RingPedersenStatement::generate();

let ring_pedersen_proof = RingPedersenProof::prove(
&ring_pedersen_witness,
&ring_pedersen_statement,
);
let (rpparam, rpwitness) = generate_safe_h1_h2_N_tilde();
let pi_prm_statement = PiPrmStatement::from(&rpparam);
let pi_prm_witness = PiPrmWitness::from(&rpwitness);
let pi_prm_proof =
PiPrmProof::prove(&pi_prm_statement, &pi_prm_witness)
.map_err(|_| FsDkrError::RingPedersenProofError {})?;

let join_message = JoinMessage {
// in a join message, we only care about the ek and the correctness
Expand All @@ -117,9 +116,10 @@ impl<E: Curve, H: Digest + Clone, const M: usize> JoinMessage<E, H, M> {
dlog_statement,
composite_dlog_proof_base_h1,
composite_dlog_proof_base_h2,
ring_pedersen_statement,
ring_pedersen_proof,
ring_pedersen_pi_prm_statement: pi_prm_statement,
ring_pedersen_pi_prm_proof: pi_prm_proof,
party_index: None,
phantom: PhantomData {},
};

Ok((join_message, paillier_key_pair))
Expand Down Expand Up @@ -149,29 +149,21 @@ impl<E: Curve, H: Digest + Clone, const M: usize> JoinMessage<E, H, M> {
RefreshMessage::validate_collect(refresh_messages, current_t, new_n)?;

for refresh_message in refresh_messages.iter() {
RingPedersenProof::verify(
&refresh_message.ring_pedersen_proof,
&refresh_message.ring_pedersen_statement,
)
.map_err(|_| {
FsDkrError::RingPedersenProofValidation {
refresh_message
.ring_pedersen_pi_prm_proof
.verify(&refresh_message.ring_pedersen_pi_prm_statement)
.map_err(|_| FsDkrError::RingPedersenProofValidation {
party_index: refresh_message.party_index,
}
})?;
})?;
}

for join_message in join_messages.iter() {
RingPedersenProof::verify(
&join_message.ring_pedersen_proof,
&join_message.ring_pedersen_statement,
)
.map_err(|e| {
if let Some(party_index) = join_message.party_index {
FsDkrError::RingPedersenProofValidation { party_index }
} else {
e
}
})?;
join_message
.ring_pedersen_pi_prm_proof
.verify(&join_message.ring_pedersen_pi_prm_statement)
.map_err(|_| FsDkrError::RingPedersenProofValidation {
party_index: join_message.party_index.unwrap_or(0),
})?;
}

// check if a party_index has been assigned to the current party
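Review bot: The new `party_index: join_message.party_index.unwrap_or(0)` in the join-message loop of the last hunk reports a proof failure as coming from party 0 whenever the joining party has not been assigned an index yet, whereas the removed code propagated the underlying verification error in that case; if 0 can be a real index in this protocol (cannot be confirmed from this hunk) the error becomes misleading, and in any case the `|_|` closures in both loops discard the PiPrm error detail. I would keep the distinction explicit and fall back to the existing `FsDkrError::RingPedersenProofError {}` variant (already used in the `prove` path of the first hunk) when no index is known. The enclosing method starts before the hunk (`@@ -149,29 +149,21 @@`), so the surrounding flow is not visible here.

```rust
join_message
    .ring_pedersen_pi_prm_proof
    .verify(&join_message.ring_pedersen_pi_prm_statement)
    .map_err(|_| match join_message.party_index {
        Some(party_index) => FsDkrError::RingPedersenProofValidation { party_index },
        // No index assigned yet: report a generic proof failure rather than inventing index 0.
        None => FsDkrError::RingPedersenProofError {},
    })?;
```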
1 change: 0 additions & 1 deletion fs-dkr/src/lib.rs
Expand Up @@ -18,7 +18,6 @@ pub mod add_party_message;
pub mod error;
pub mod range_proofs;
pub mod refresh_message;
pub mod ring_pedersen_proof;
pub mod zk_pdl_with_slack;

mod test;
48 changes: 26 additions & 22 deletions fs-dkr/src/refresh_message.rs
Expand Up @@ -23,9 +23,10 @@ use serde::{Deserialize, Serialize};
use std::{borrow::Borrow, collections::HashMap, fmt::Debug};
use zeroize::Zeroize;
use zk_paillier::zkproofs::{NiCorrectKeyProof, SALT_STRING};
use tss_core::zkproof::prm::PiPrmStatement;

use crate::ring_pedersen_proof::{RingPedersenProof, RingPedersenStatement};
use tss_core::{
utilities::generate_safe_h1_h2_N_tilde,
zkproof::prm::{PiPrmStatement, PiPrmWitness, PiPrmProof},
};

// Everything here can be broadcasted
#[derive(Debug, Clone, Deserialize, Serialize)]
Expand All @@ -43,8 +44,8 @@ pub struct RefreshMessage<E: Curve, H: Digest + Clone, const M: usize> {
pub(crate) ek: EncryptionKey,
pub(crate) remove_party_indices: Vec<u16>,
pub(crate) public_key: Point<E>,
pub(crate) ring_pedersen_statement: RingPedersenStatement<E, H>,
pub(crate) ring_pedersen_proof: RingPedersenProof<E, H, M>,
pub(crate) ring_pedersen_pi_prm_statement: PiPrmStatement,
pub(crate) ring_pedersen_pi_prm_proof: PiPrmProof,
#[serde(skip)]
pub hash_choice: HashChoice<H>,
}
Expand Down Expand Up @@ -125,14 +126,13 @@ impl<E: Curve, H: Digest + Clone, const M: usize> RefreshMessage<E, H, M> {
Paillier::keypair_with_modulus_size(crate::PAILLIER_KEY_SIZE)
.keys();
let dk_correctness_proof = NiCorrectKeyProof::proof(&dk, None);
let (rpparam, rpwitness) = generate_safe_h1_h2_N_tilde();
let pi_prm_statement = PiPrmStatement::from(&rpparam);
let pi_prm_witness = PiPrmWitness::from(&rpwitness);
let pi_prm_proof =
PiPrmProof::prove(&pi_prm_statement, &pi_prm_witness)
.map_err(|_| FsDkrError::RingPedersenProofError {})?;

let (ring_pedersen_statement, ring_pedersen_witness) =
RingPedersenStatement::generate();

let ring_pedersen_proof = RingPedersenProof::prove(
&ring_pedersen_witness,
&ring_pedersen_statement,
);
Ok((
RefreshMessage {
old_party_index,
Expand All @@ -149,8 +149,8 @@ impl<E: Curve, H: Digest + Clone, const M: usize> RefreshMessage<E, H, M> {
ek,
remove_party_indices: Vec::new(),
public_key: local_key.y_sum_s.clone(),
ring_pedersen_statement,
ring_pedersen_proof,
ring_pedersen_pi_prm_statement: pi_prm_statement,
ring_pedersen_pi_prm_proof: pi_prm_proof,
hash_choice: HashChoice::new(),
},
dk,
Expand Down Expand Up @@ -389,17 +389,21 @@ impl<E: Curve, H: Digest + Clone, const M: usize> RefreshMessage<E, H, M> {

// Verify ring-pedersen parameters
for refresh_message in refresh_messages.iter() {
RingPedersenProof::verify(
&refresh_message.ring_pedersen_proof,
&refresh_message.ring_pedersen_statement,
)?;
refresh_message
.ring_pedersen_pi_prm_proof
.verify(&refresh_message.ring_pedersen_pi_prm_statement)
.map_err(|_| FsDkrError::RingPedersenProofValidation {
party_index: refresh_message.party_index,
})?;
}

for join_message in join_messages.iter() {
RingPedersenProof::verify(
&join_message.ring_pedersen_proof,
&join_message.ring_pedersen_statement,
)?;
join_message
.ring_pedersen_pi_prm_proof
.verify(&join_message.ring_pedersen_pi_prm_statement)
.map_err(|_| FsDkrError::RingPedersenProofValidation {
party_index: join_message.party_index.unwrap_or(0),
})?;
}

let old_ek =
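Review bot: In the `distribute` hunk (`@@ -125,14 +126,13 @@`) the ring-Pedersen trapdoor returned by `generate_safe_h1_h2_N_tilde()` (`rpwitness`, and its `PiPrmWitness` copy) is needed only to build `pi_prm_proof`, yet both stay alive for the rest of the function, which continues past the hunk; this file already imports `zeroize::Zeroize`, so the witness should be zeroized, or at minimum explicitly dropped, immediately after `PiPrmProof::prove` returns, e.g. `drop(pi_prm_witness); drop(rpwitness);` with a comment `// trapdoor is only needed for the proof; do not keep it around` — whether `PiPrmWitness` implements `Zeroize` cannot be told from this hunk, so confirm against tss_core before choosing the call. Secondarily, `.map_err(|_| FsDkrError::RingPedersenProofError {})` and the verification closures in the last hunk drop the underlying tss_core error, and `join_message.party_index.unwrap_or(0)` reports index 0 for a party that has no index yet; consider preserving the distinction as the removed code did via `?` on the verify result.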
186 changes: 0 additions & 186 deletions fs-dkr/src/ring_pedersen_proof.rs

This file was deleted.
