Struct Party 

pub struct Party<C>
where
    C: DklsCurve,
{
    pub parameters: Parameters,
    pub party_index: PartyIndex,
    pub session_id: Vec<u8>,
    pub poly_point: <C as CurveArithmetic>::Scalar,
    pub pk: <C as CurveArithmetic>::AffinePoint,
    pub zero_share: ZeroShare,
    pub mul_senders: BTreeMap<PartyIndex, MulSender<C>>,
    pub mul_receivers: BTreeMap<PartyIndex, MulReceiver<C>>,
    pub derivation_data: DerivData<C>,
    pub address: String,
}

Represents a party after key generation ready to sign a message.

Fields§

§parameters: Parameters

§party_index: PartyIndex

§session_id: Vec<u8>

§poly_point: <C as CurveArithmetic>::Scalar

Behaves as the secret key share.

§pk: <C as CurveArithmetic>::AffinePoint

Public key.

§zero_share: ZeroShare

Used for computing shares of zero during signing.

§mul_senders: BTreeMap<PartyIndex, MulSender<C>>

Initializations for two-party multiplication. The key in the BTreeMap represents the other party.

§mul_receivers: BTreeMap<PartyIndex, MulReceiver<C>>

§derivation_data: DerivData<C>

Data for BIP-32 derivation.

§address: String

Address calculated from the public key.

Implementations§

impl<C> Party<C>
where C: DklsCurve,

Implementations related to BIP-32 derivation.

pub fn derive_child( &self, child_number: u32, address_fn: impl Fn(&<C as CurveArithmetic>::AffinePoint) -> String, ) -> Result<Party<C>, ErrorDeriv>

Derives an instance of Party given a child number.

The address_fn parameter computes the address from the derived public key.

§Errors

Will return Err if DerivData::derive_child fails.

pub fn derive_from_path( &self, path: &str, address_fn: impl Fn(&<C as CurveArithmetic>::AffinePoint) -> String, ) -> Result<Party<C>, ErrorDeriv>

Derives an instance of Party following a path on the “key tree”.

See https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki for the description of a possible path (and don’t forget that hardened derivations are not implemented).

§Errors

Will return Err if DerivData::derive_from_path fails.

impl<C> Party<C>
where C: DklsCurve,

Implementations related to refresh protocols.

pub fn refresh_complete_phase1(&self) -> Vec<<C as CurveArithmetic>::Scalar>

Works as Phase 1 in DKG, but with the alterations needed for the refresh protocol.

The output should be dealt in the same way.

pub fn refresh_complete_phase2( &self, refresh_sid: &[u8], poly_fragments: &[<C as CurveArithmetic>::Scalar], ) -> (<C as CurveArithmetic>::Scalar, ProofCommitment<C>, BTreeMap<PartyIndex, KeepInitZeroSharePhase2to3>, Vec<TransmitInitZeroSharePhase2to4>)

Works as Phase 2 in DKG, but the derivation part is omitted.

The output should be dealt in the same way. The only difference is that we will refer to the scalar poly_point as correction_value.

pub fn refresh_complete_phase3( &self, refresh_sid: &[u8], zero_kept: &BTreeMap<PartyIndex, KeepInitZeroSharePhase2to3>, ) -> (BTreeMap<PartyIndex, KeepInitZeroSharePhase3to4>, Vec<TransmitInitZeroSharePhase3to4>, BTreeMap<PartyIndex, KeepInitMulPhase3to4<C>>, Vec<TransmitInitMulPhase3to4<C>>)

Works as Phase 3 in DKG, but the derivation part is omitted.

The output should be dealt in the same way.

pub fn refresh_complete_phase4( &self, refresh_sid: &[u8], correction_value: &<C as CurveArithmetic>::Scalar, proofs_commitments: &[ProofCommitment<C>], zero_kept: &BTreeMap<PartyIndex, KeepInitZeroSharePhase3to4>, zero_received_phase2: &[TransmitInitZeroSharePhase2to4], zero_received_phase3: &[TransmitInitZeroSharePhase3to4], mul_kept: &BTreeMap<PartyIndex, KeepInitMulPhase3to4<C>>, mul_received: &[TransmitInitMulPhase3to4<C>], ) -> Result<Party<C>, Abort>

Works as Phase 4 in DKG, but the derivation part is omitted. Moreover, the variable poly_point is now called correction_value.

The output is a new instance of Party which is the previous one refreshed.

§Errors

Will return Err if the verifying public key is not trivial, if a message is not meant for the party, if the zero shares protocol fails when verifying the seeds or if the multiplication protocol fails.

pub fn refresh_phase1(&self) -> Vec<<C as CurveArithmetic>::Scalar>

Works as Phase 1 in DKG, but with the alterations needed for the refresh protocol.

The output should be dealt in the same way.

pub fn refresh_phase2( &self, refresh_sid: &[u8], poly_fragments: &[<C as CurveArithmetic>::Scalar], ) -> (<C as CurveArithmetic>::Scalar, ProofCommitment<C>, BTreeMap<PartyIndex, KeepRefreshPhase2to3>, Vec<TransmitRefreshPhase2to4>)

Works as Phase 2 in DKG, but the derivation part is omitted.

The output should be dealt in the same way. The only difference is that we will refer to the scalar poly_point as correction_value.

pub fn refresh_phase3( &self, kept: &BTreeMap<PartyIndex, KeepRefreshPhase2to3>, ) -> (BTreeMap<PartyIndex, KeepRefreshPhase3to4>, Vec<TransmitRefreshPhase3to4>)

Works as Phase 3 in DKG, but the multiplication and derivation parts are omitted.

The output should be dealt in the same way.

pub fn refresh_phase4( &self, refresh_sid: &[u8], correction_value: &<C as CurveArithmetic>::Scalar, proofs_commitments: &[ProofCommitment<C>], kept: &BTreeMap<PartyIndex, KeepRefreshPhase3to4>, received_phase2: &[TransmitRefreshPhase2to4], received_phase3: &[TransmitRefreshPhase3to4], ) -> Result<Party<C>, Abort>

Works as Phase 4 in DKG, but the multiplication and derivation parts are omitted. Moreover, the variable poly_point is now called correction_value.

The output is a new instance of Party which is the previous one refreshed.

§Errors

Will return Err if the verifying public key is not trivial, if a message is not meant for the party or if the zero shares protocol fails when verifying the seeds.

§Panics

Will panic if the indices of the parties are different from the ones used in DKG.
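
Added example, not code from this crate: a toy model of what the refresh phases above compute, assuming (as the "verifying public key is not trivial" error suggests) that each party deals a polynomial with zero constant term and adds the resulting correction_value to its old share. A prime field stands in for the curve's scalar field, and every name and value below is constructed for illustration.

```rust
// Toy model (assumption): a prime field stands in for the curve's scalar field.
const P: u128 = 2_305_843_009_213_693_951; // 2^61 - 1, a Mersenne prime

fn add(a: u128, b: u128) -> u128 { (a + b) % P }
fn sub(a: u128, b: u128) -> u128 { (a + P - b % P) % P }
fn mul(a: u128, b: u128) -> u128 { (a % P) * (b % P) % P }
fn inv(a: u128) -> u128 {
    // Fermat inversion a^(P-2) by square-and-multiply.
    let (mut r, mut b, mut e) = (1, a, P - 2);
    while e > 0 { if e & 1 == 1 { r = mul(r, b); } b = mul(b, b); e >>= 1; }
    r
}

/// Evaluates a polynomial (coefficients from low to high degree) at x.
fn eval(coeffs: &[u128], x: u128) -> u128 {
    coeffs.iter().rev().fold(0, |acc, c| add(mul(acc, x), *c))
}

/// Lagrange interpolation at 0 from (party index, share) pairs.
fn reconstruct(shares: &[(u128, u128)]) -> u128 {
    let mut secret = 0;
    for &(xi, yi) in shares {
        let mut l = 1;
        for &(xj, _) in shares {
            if xj != xi { l = mul(l, mul(xj, inv(sub(xj, xi)))); }
        }
        secret = add(secret, mul(yi, l));
    }
    secret
}

/// One refresh: every party deals a polynomial; each party sums the fragments
/// it receives into a correction value and adds that to its old share.
fn refresh(shares: &[(u128, u128)], polys: &[Vec<u128>]) -> Vec<(u128, u128)> {
    shares.iter().map(|&(x, y)| {
        let correction = polys.iter().fold(0, |acc, p| add(acc, eval(p, x)));
        (x, add(y, correction))
    }).collect()
}

/// Constructed 2-of-3 sharing of the secret 1234 with f(x) = 1234 + 77x.
fn demo() -> (u128, u128, u128, u128) {
    let old: Vec<(u128, u128)> = (1..=3).map(|x| (x, eval(&[1234, 77], x))).collect();
    // Honest refresh: every dealt polynomial has constant term zero.
    let good = refresh(&old, &[vec![0, 5], vec![0, 11], vec![0, 42]]);
    // One dealer uses constant term 9: the shared secret silently moves.
    let bad = refresh(&old, &[vec![0, 5], vec![9, 11], vec![0, 42]]);
    // (original, refreshed, stale + fresh share mixed, refreshed with bad dealer)
    (reconstruct(&old[..2]), reconstruct(&good[1..]),
     reconstruct(&[old[0], good[1]]), reconstruct(&bad[..2]))
}

fn main() { println!("{:?}", demo()); }
```

The third value shows why a share captured before a refresh does not combine with shares issued after it; the fourth is the situation a check on the sum of the dealt constant terms has to reject.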

impl<C> Party<C>
where C: DklsCurve,

Implementations related to the DKLs23 signing protocol.

pub fn sign_phase1( &self, data: &SignData, ) -> Result<(UniqueKeep1to2<C>, BTreeMap<PartyIndex, KeepPhase1to2<C>>, Vec<TransmitPhase1to2>), Abort>

Phase 1 for signing: Steps 4, 5 and 6 from Protocol 3.6 in https://eprint.iacr.org/2023/765.pdf.

The outputs should be kept or transmitted according to the conventions here.

§Errors

Will return Err if the number of counterparties is wrong, if any party index is out of range, or if the counterparty list contains our own index.

pub fn sign_phase2( &self, data: &SignData, unique_kept: &UniqueKeep1to2<C>, kept: &BTreeMap<PartyIndex, KeepPhase1to2<C>>, received: &[TransmitPhase1to2], ) -> Result<(UniqueKeep2to3<C>, BTreeMap<PartyIndex, KeepPhase2to3<C>>, Vec<TransmitPhase2to3<C>>), Abort>

Phase 2 for signing: Step 7 from Protocol 3.6 in https://eprint.iacr.org/2023/765.pdf.

The inputs come from the previous phase. The messages received should be gathered in a vector (in any order).

The outputs should be kept or transmitted according to the conventions here.

§Errors

Will return Err if the multiplication protocol fails.

§Panics

Will panic if the lists of keys in the BTreeMaps are incompatible with the party indices in the vector received.

pub fn sign_phase3( &self, data: &SignData, unique_kept: &UniqueKeep2to3<C>, kept: &BTreeMap<PartyIndex, KeepPhase2to3<C>>, received: &[TransmitPhase2to3<C>], ) -> Result<(String, Broadcast3to4<C>), Abort>

Phase 3 for signing: Steps 8 and 9 from Protocol 3.6 in https://eprint.iacr.org/2023/765.pdf.

The inputs come from the previous phase. The messages received should be gathered in a vector (in any order).

The first output is already the value r from the ECDSA signature. The second output should be broadcast according to the conventions here.

§Errors

Will return Err if some commitment doesn’t verify, if the multiplication protocol fails or if one of the consistency checks is false. The error will also happen if the total instance point is trivial (very unlikely).

§Panics

Will panic if the lists of keys in the BTreeMaps are incompatible with the party indices in the vector received.

pub fn sign_phase4( &self, data: &SignData, x_coord: &str, received: &[Broadcast3to4<C>], normalize: bool, ) -> Result<(String, u8), Abort>

Phase 4 for signing: Step 10 from Protocol 3.6 in https://eprint.iacr.org/2023/765.pdf.

The inputs come from the previous phase. The messages received should be gathered in a vector (in any order). Note that our own broadcast message from the previous round should also appear here.

The first output is the value s from the ECDSA signature. The second output is the recovery id from the ECDSA signature. Note that the parameter ‘v’ isn’t this value, but it is used to compute it. To know how to compute it, check the EIP which standardizes the transaction format that you’re using. For example: EIP-155, EIP-2930, EIP-1559.

§Errors

Will return Err if the final ECDSA signature is invalid or if the denominator in signature assembly is zero.

Trait Implementations§

impl<C> Clone for Party<C>

fn clone(&self) -> Party<C>

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<C> Debug for Party<C>

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter.

impl<'de, C> Deserialize<'de> for Party<C>

fn deserialize<__D>( __deserializer: __D, ) -> Result<Party<C>, <__D as Deserializer<'de>>::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl<C> Drop for Party<C>
where C: DklsCurve,

fn drop(&mut self)

Executes the destructor for this type.

impl<C> Serialize for Party<C>

fn serialize<__S>( &self, __serializer: __S, ) -> Result<<__S as Serializer>::Ok, <__S as Serializer>::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer.

impl<C> Zeroize for Party<C>
where C: DklsCurve,

fn zeroize(&mut self)

Zero out this object from memory using Rust intrinsics which ensure the zeroization operation is not “optimized away” by the compiler.
