Struct key_share::DirtyCoreKeyShare

pub struct DirtyCoreKeyShare<E: Curve> {
    pub i: u16,
    pub key_info: DirtyKeyInfo<E>,
    pub x: NonZero<SecretScalar<E>>,
}

Dirty (unvalidated) core key share

Key share can be either polynomial or additive:

• Polynomial key share:

  • Supports any threshold $2 \le t \le n$
  • All signers co-share a secret polynomial $F(x)$ with degree $deg(F) = t-1$
  • Signer with index $i$ (index is in range $0 \le i < n$) holds secret share $x_i = F(I_i)$
  • Shared secret key is $\sk = F(0)$.

  If key share is polynomial, vss_setup fiels should be Some(_).

  $I_j$ mentioned above is defined in VssSetup::I. Reasonable default would be $I_j = j+1$.

• Additive key share:

  • Always non-threshold (i.e. $t=n$)
  • Signer with index $i$ holds a secret share $x_i$
  • All signers share a secret key that is sum of all secret shares $\sk = \sum_{j \in [n]} x_j$.

  Advantage of additive share is that DKG protocol that yields additive share is a bit more efficient.

HD wallets support

If hd-wallets feature is enabled, key share provides basic support of deterministic key derivation:

• chain_code field is added. If it’s Some(_), then the key is HD-capable. (shared_public_key, chain_code) is extended public key of the wallet (can be retrieved via extended_public_key method).
  • Setting chain_code to None disables HD wallets support for the key
• Convenient methods are provided such as derive_child_public_key

Fields

i: u16

Index of local party in key generation protocol

key_info: DirtyKeyInfo<E>

Public key info

x: NonZero<SecretScalar<E>>

Secret share $x_i$

Methods from Deref<Target = DirtyKeyInfo<E>>

pub fn share_preimage(&self, j: u16) -> Option<NonZero<Scalar<E>>>

Returns share preimage associated with j-th signer

• For additive shares, share preimage is defined as j+1
• For VSS-shares, share preimage is scalar $I_j$ such that $x_j = F(I_j)$ where $F(x)$ is polynomial co-shared by the signers and $x_j$ is secret share of j-th signer

Note: if you have no idea what it is, probably you don’t need it.

Trait Implementations

impl<E: Curve> AsRef<DirtyKeyInfo<E>> for DirtyCoreKeyShare<E>

fn as_ref(&self) -> &DirtyKeyInfo<E>

Converts this type into a shared reference of the (usually inferred) input type.

impl<E: Clone + Curve> Clone for DirtyCoreKeyShare<E>

fn clone(&self) -> DirtyCoreKeyShare<E>

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<E: Curve> Deref for DirtyCoreKeyShare<E>

type Target = DirtyKeyInfo<E>

The resulting type after dereferencing.

fn deref(&self) -> &Self::Target

Dereferences the value.

impl<E: Curve> Validate for DirtyCoreKeyShare<E>

type Error = InvalidCoreShare

Validation error

fn is_valid(&self) -> Result<(), Self::Error>

Checks whether value is valid

fn validate(self) -> Result<Valid<Self>, ValidateError<Self, Self::Error>>

where Self: Sized,

Validates the value

fn validate_ref(&self) -> Result<&Valid<Self>, Self::Error>

where Self: Sized,

Validates the value by reference

impl<E: Curve> ValidateFromParts<(u16, DirtyKeyInfo<E>, NonZero<SecretScalar<E>>)> for DirtyCoreKeyShare<E>

fn validate_parts( (i, key_info, x): &(u16, DirtyKeyInfo<E>, NonZero<SecretScalar<E>>) ) -> Result<(), Self::Error>

Validates parts

fn from_parts( (i, key_info, x): (u16, DirtyKeyInfo<E>, NonZero<SecretScalar<E>>) ) -> Self

Constructs Self from parts