1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107

use crate::*;
use ed25519_dalek::PublicKey;
use ed25519_dalek::SecretKey;
use uuid::Uuid;

/// Transaction 3: SecretShare
///
/// The SecretShareTransaction is published by trustees, with one transaction created per trustee.
///
/// After the trustee determins that voting is over and all votes may be decrypted, they publish
/// a SecretShareTransaction, revealing the secret-share that was delt to them by the election authority.
#[derive(Serialize, Deserialize, Debug, Clone)]
pub struct SecretShareTransaction {
    pub id: Identifier,
    pub election: Identifier,
    pub trustee_id: Uuid,

    #[serde(with = "EdPublicKeyHex")]
    pub public_key: PublicKey,

    #[serde(with = "hex_serde")]
    pub secret_share: Vec<u8>,
}

impl SecretShareTransaction {
    /// Create a new SecretShare Transaction
    pub fn new(election_id: Identifier, trustee: Trustee, secret_share: Vec<u8>) -> Self {
        let secret_share = SecretShareTransaction {
            id: Self::build_id(election_id, trustee.id),
            election: election_id,
            trustee_id: trustee.id,
            public_key: trustee.public_key,
            secret_share: secret_share,
        };

        secret_share
    }

    pub fn build_id(election_id: Identifier, trustee_id: Uuid) -> Identifier {
        Identifier::new(
            election_id,
            TransactionType::SecretShare,
            trustee_id.as_bytes(),
        )
    }
}

impl Signable for SecretShareTransaction {
    fn id(&self) -> Identifier {
        self.id
    }

    // TODO: election authority public key
    fn public(&self) -> Option<PublicKey> {
        Some(self.public_key)
    }

    fn inputs(&self) -> Vec<Identifier> {
        // Only requires election as input
        vec![self.election]
    }

    /// Validate the transaction
    fn validate_tx<S: Store>(&self, store: &S) -> Result<(), ValidationError> {
        let election = store.get_election(self.election)?;

        // TODO: check self.id.election_id vs self.election_id
        if self.election != election.id {
            return Err(ValidationError::ElectionMismatch);
        }
        let trustee = election
            .get_trustee(self.trustee_id)
            .ok_or(ValidationError::TrusteeDoesNotExist)?;

        if trustee.public_key != self.public_key {
            return Err(ValidationError::InvalidPublicKey);
        }

        Ok(())
    }
}

/// A trustee is responsible for safeguarding a secret share (a portion of the secret vote decryption key),
/// distributed by the election authority via Shamir Secret Sharing.
///
/// Most elections will have a handful of trustees (between 3 and 30), with a quorum being set to about 2/3
/// the total number of trustees. Any quorum of trustees may decrypt the votes.
#[derive(Serialize, Deserialize, Debug, Clone)]
pub struct Trustee {
    pub id: uuid::Uuid,

    #[serde(with = "EdPublicKeyHex")]
    pub public_key: PublicKey,
}

impl Trustee {
    /// Create a new trustee
    pub fn new() -> (Self, SecretKey) {
        let (secret, public) = generate_keypair();

        let trustee = Trustee {
            id: Uuid::new_v4(),
            public_key: public,
        };
        return (trustee, secret);
    }
}