absolutebi/serai
1
0
Fork 0
mirror of https://github.com/serai-dex/serai.git synced 2025-12-09 12:49:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Move verify_share to return batch-verifiable statements

Browse Source 
While the previous construction achieved n/2 average detection,
this will run in log2(n). Unfortunately, the need to keep entropy
around (or take in an RNG here) remains.
This commit is contained in:
Luke Parker
2022-12-13 20:25:32 -05:00
parent 9c65518dc3
commit 25f1549c6c
14 changed files with 81 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
crypto/frost/src/algorithm.rs
View File

@@ -2,7 +2,7 @@ use core::{marker::PhantomData, fmt::Debug};
use std::io::{self, Read, Write};
use zeroize::Zeroizing;
use rand::{RngCore, CryptoRng};
use rand_core::{RngCore, CryptoRng};
use transcript::Transcript;
@@ -75,10 +75,16 @@ pub trait Algorithm<C: Curve>: Clone {
#[must_use]
fn verify(&self, group_key: C::G, nonces: &[Vec<C::G>], sum: C::F) -> Option<Self::Signature>;
/// Verify a specific share given as a response. Used to determine blame if signature
/// verification fails.
#[must_use]
fn verify_share(&self, verification_share: C::G, nonces: &[Vec<C::G>], share: C::F) -> bool;
/// Verify a specific share given as a response.
/// This function should return a series of pairs whose products should sum to zero for a valid
/// share. Any error raised is treated as the share being invalid.
#[allow(clippy::type_complexity, clippy::result_unit_err)]
fn verify_share(
&self,
verification_share: C::G,
nonces: &[Vec<C::G>],
share: C::F,
) -> Result<Vec<(C::F, C::G)>, ()>;
}
/// IETF-compliant transcript. This is incredibly naive and should not be used within larger
@@ -176,8 +182,16 @@ impl<C: Curve, H: Hram<C>> Algorithm<C> for Schnorr<C, H> {
Some(sig).filter(|sig| sig.verify(group_key, self.c.unwrap()))
}
#[must_use]
fn verify_share(&self, verification_share: C::G, nonces: &[Vec<C::G>], share: C::F) -> bool {
SchnorrSignature::<C> { R: nonces[0][0], s: share }.verify(verification_share, self.c.unwrap())
fn verify_share(
&self,
verification_share: C::G,
nonces: &[Vec<C::G>],
share: C::F,
) -> Result<Vec<(C::F, C::G)>, ()> {
Ok(
SchnorrSignature::<C> { R: nonces[0][0], s: share }
.batch_statements(verification_share, self.c.unwrap())
.to_vec(),
)
}
}