Expand description
EXOCHAIN root genesis authority ceremony.
Structs§
- Ceremony
Envelope - Signed, bounded, untrusted relay envelope.
- Ceremony
Envelope Draft - Inputs that are signed into a portal relay envelope.
- Certifier
Contact - Public contact and verification material for a root certifier.
- Final
KeyConfirmation - Ratified final DKG key confirmation payload.
- Genesis
Ceremony Config - Root genesis ceremony configuration bound into every transcript and bundle.
- Pairwise
Encrypted Payload - Recipient-bound encrypted payload for DKG round two exchange.
- Portal
Store - In-memory portal store used by the server relay and tests.
- Root
DkgOutput - Complete in-memory DKG result for tests and offline ceremony tooling.
- Root
DkgRound1 Output - Serialized output from one certifier’s DKG round one.
- Root
DkgRound2 Output - Serialized output from one certifier’s DKG round two.
- Root
Issuer Delegation - Operational AVC issuer authority delegated by the root.
- Root
KeyPackage - Serialized FROST key package held by one certifier.
- Root
Participant DkgOutput - Final DKG material derived by one certifier.
- Root
Public KeyPackage - Serialized public key package and derived public metadata.
- Root
Signature - Serialized threshold signature over a root artifact.
- Root
Signature Share Output - One signer’s round-two signature share. Public; reveals nothing about the signer’s secret key share.
- Root
Signing Commitment - One signer’s round-one PUBLIC commitment. Relay-safe: carries no secret
material and is the only round-one artifact broadcast to the coordinator.
Kept deliberately separate from
RootSigningNoncesso the secret nonces can never be co-serialized with, or mistaken for, relay-safe data. - Root
Signing Nonces - One signer’s round-one SECRET signing nonces. LOCAL-ONLY — this artifact
must never be broadcast, archived off the signer, copied to the coordinator,
or submitted through the portal. In FROST, disclosure of these nonces
together with the signer’s later signature share can compromise the signer’s
secret key share. It derives
Serialize/Deserializeonly so a signer can persist it to a0600local file betweensign_commitandsign_share; the distinct type name keeps it from being confused with relay-safe data. - Root
Signing Package - Public signing package built by the coordinator from
>= thresholdcommitments. Distributed to the participating signers for round two. - Root
Trust Bundle - Root trust bundle produced by genesis.
- Sealed
Share - AEAD-wrapped certifier share artifact.
Enums§
- Ceremony
Payload Kind - Bounded payload type carried by a portal envelope.
- Ceremony
Phase - Ceremony phase associated with a portal envelope.
- Root
Error - Failures returned by root genesis ceremony, DKG, signing, portal, and share protection operations.
Constants§
- FINAL_
KEY_ CONFIRMATION_ DOMAIN - FINAL_
KEY_ CONFIRMATION_ SCHEMA_ VERSION - ROOT_
GENESIS_ SIGNERS - Institutional root roster size.
- ROOT_
GENESIS_ THRESHOLD - Institutional root threshold.
Functions§
- aggregate_
signature - Distributed signing — coordinator aggregates the exact predeclared signature shares into the final root signature and verifies it against the root public key.
- assemble_
root_ bundle - Assemble and verify a root trust bundle.
- build_
final_ key_ confirmation - Build the ratified final key confirmation payload for one finalized certifier. This emits only public confirmation material; the secret FROST key package is parsed locally to bind the certifier identifier but is never copied into the payload.
- build_
signing_ package - Distributed signing — coordinator assembles the signing package from at
the exact predeclared public commitments bound to
message(the root artifact). - ceremony_
config_ hash - Canonical hash of a root genesis ceremony config.
- decrypt_
pairwise_ payload - Decrypt a DKG round-two payload from one sender.
- dkg_
finalize_ participant - Finalize one participant’s DKG state after all peer round-one and round-two packages have been authenticated and collected.
- dkg_
round1 - Execute DKG round one for one rostered certifier.
- dkg_
round2 - Execute DKG round two for one certifier after all other round-one packages have been authenticated and collected.
- encode_
final_ key_ confirmation_ payload - Encode a ratified final key confirmation as portal payload bytes.
- encrypt_
pairwise_ payload - Encrypt a DKG round-two payload for exactly one recipient.
- run_
complete_ dkg - Run the all-roster DKG ceremony locally.
- seal_
share - Seal one serialized share artifact with passphrase-derived AEAD.
- sign_
commit - Distributed signing — round one. Produce one signer’s PUBLIC commitment and
SECRET nonces as two distinct artifacts, bound to the exact root
artifactbeing signed. Run by each participating certifier against its own share. The caller MUST broadcast only theRootSigningCommitmentand retain theRootSigningNonceslocally (never share, archive off-host, or submit it) untilsign_share. The artifact must be the bytes emitted byroot_artifact_payloadand is known before commitments are produced. - sign_
share - Distributed signing — round two. One signer produces its signature share from
its key package, its retained local-only
RootSigningNonces, the coordinator’sRootSigningPackage, and themessage(root artifact) it intends to sign. - threshold_
sign - Create a FROST threshold signature from the exact predeclared signing set.
- unseal_
share - Open one sealed share artifact.
- verify_
root_ bundle - Verify that a root trust bundle is self-consistent and root-signed.
- verify_
root_ signature - Verify a serialized root threshold signature against a root public key.
Type Aliases§
- Result
- Result alias used by the root genesis crate.