ppvss 0.0.1-alpha

An implementation of Pre-constructed Publicly Verifiable Secret Sharing
# Pre-Constructed Publicly Verifiable Secret Sharing (PPVSS)

> ⚠️ **DEVELOPMENT WARNING** ⚠️
> 
> This crate is currently **under active development** and **should NOT be used in production** until a stable version (1.0.0) is released. The API may change significantly, security properties are not yet guaranteed, and the implementation may contain bugs or vulnerabilities.

A Rust implementation of Pre-Constructed Publicly Verifiable Secret Sharing (PPVSS) based on the paper "Pre-Constructed Publicly Verifiable Secret Sharing and Applications".

## Overview

This crate provides a PPVSS scheme that allows:
- **Public Verifiability**: Anyone can verify that shares were correctly distributed without access to the shares themselves
- **Pre-Construction**: Shares can be prepared and encrypted before the secret is known
- **Threshold Reconstruction**: Any k out of n participants can reconstruct the secret
- **Robust Security**: Invalid shares and malicious participants can be detected and excluded

## Features

- **Working Prototype**: Basic PPVSS functionality with share encryption/decryption
- **Age Encryption**: Uses the modern `age` encryption library for secure share encryption
- **Shamir's Secret Sharing**: Built on the battle-tested `secretsharing_shamir` implementation
- **Example Applications**: Two complete examples demonstrating usage
- 🚧 **Zero-Knowledge Proofs**: Non-interactive ZK proofs (library selection in progress)
- 🚧 **Public Verification**: Full public verifiability (under development)
- 🚧 **Security Audit**: Comprehensive security review (pending)

## Installation

Add this to your `Cargo.toml`:

```toml
[dependencies]
ppvss = "0.0.1-alpha"
```



## Architecture

The crate is built on several key dependencies:

- **[`age`](https://crates.io/crates/age)**: Modern, secure encryption for protecting individual shares
- **[`secretsharing_shamir`](https://crates.io/crates/secretsharing_shamir)**: Robust implementation of Shamir's Secret Sharing
- **Zero-Knowledge Proofs**: *(Library selection in progress)* - For non-interactive public verification

## Examples

The crate includes two comprehensive examples:

1. **Basic PPVSS**: Demonstrates core functionality with threshold secret sharing
2. **Advanced Usage**: Shows integration with custom cryptographic primitives

## Current Limitations

⚠️ **This implementation is incomplete and should not be used in production:**

- **Missing ZK Proofs**: Public verifiability requires zero-knowledge proofs (not yet implemented)
- **Security Review Pending**: No formal security audit has been conducted
- **API Instability**: The public API may change significantly before v1.0.0
- **Limited Testing**: Comprehensive test suite and fuzzing not yet complete
- **Performance Unoptimized**: Current focus is on correctness, not performance

## Roadmap to v1.0.0

- [ ] **Zero-Knowledge Proof Integration**: Select and integrate a suitable ZK proof library
- [ ] **Complete Public Verification**: Implement full PPVSS verification protocol
- [ ] **Security Audit**: Professional cryptographic review
- [ ] **Comprehensive Testing**: Unit tests, integration tests, and property-based testing
- [ ] **Performance Optimization**: Benchmarking and optimization
- [ ] **Documentation**: Complete API documentation and usage guides
- [ ] **Constant-Time Operations**: Ensure timing attack resistance

## Contributing

Contributions are welcome! However, please note:

- This is experimental cryptographic software - exercise extreme caution
- All contributions will be thoroughly reviewed for security implications
- Breaking changes are expected until v1.0.0

### Development Setup

Please refer to the examples included in the crate for usage demonstrations.

## Security Notice

⚠️ **CRYPTOGRAPHIC SOFTWARE WARNING**

This crate implements cryptographic primitives and protocols. It has **NOT** undergone professional cryptographic review and may contain serious vulnerabilities. Do not use this library to protect sensitive data until:

1. A stable version (1.0.0+) is released
2. The implementation has been audited by qualified cryptographers
3. You understand the security assumptions and limitations

## References

- Paper: "Pre-Constructed Publicly Verifiable Secret Sharing and Applications"
- [Age Encryption Specification](https://age-encryption.org/)
- [Shamir's Secret Sharing](https://crates.io/crates/secretsharing_shamir)

## License

Licensed under the Apache License, Version 2.0 ([LICENSE](LICENSE) or http://www.apache.org/licenses/LICENSE-2.0)

## Disclaimer

This software is provided "as is" without warranty of any kind. The authors disclaim all liability for any damages arising from the use of this cryptographic software.