181 Commits

Author SHA1 Message Date
Gustavo Frederico
1e02560e7e Merging the branch that has CGGMP21 Oct changes onto the master branch. Resolving conflicts (listed below). In general, file versions of CGGMP21 Oct were chosen and security patches or small recent improvements from the master branch were copied over.
Merge branch 'master' into feature/cggmp21oct-tss-lib-tmp-merge

# Conflicts:
#	.github/workflows/test.yml
#	Makefile
#	README.md
#	crypto/ckd/child_key_derivation.go
#	crypto/ecpoint.go
#	crypto/mta/proofs.go
#	crypto/mta/range_proof.go
#	crypto/mta/share_protocol.go
#	crypto/mta/share_protocol_test.go
#	crypto/paillier/paillier.go
#	crypto/vss/feldman_vss.go
#	ecdsa/keygen/ecdsa-keygen.pb.go
#	ecdsa/keygen/local_party.go
#	ecdsa/keygen/local_party_test.go
#	ecdsa/keygen/messages.go
#	ecdsa/keygen/prepare.go
#	ecdsa/keygen/round_1.go
#	ecdsa/keygen/round_2.go
#	ecdsa/keygen/round_3.go
#	ecdsa/keygen/round_4.go
#	ecdsa/keygen/save_data.go
#	ecdsa/resharing/ecdsa-resharing.pb.go
#	ecdsa/resharing/local_party_test.go
#	ecdsa/resharing/messages.go
#	ecdsa/resharing/round_1_old_step_1.go
#	ecdsa/resharing/round_4_new_step_2.go
#	ecdsa/signing/ecdsa-signing.pb.go
#	ecdsa/signing/finalize.go
#	ecdsa/signing/key_derivation_util.go
#	ecdsa/signing/local_party.go
#	ecdsa/signing/local_party_test.go
#	ecdsa/signing/messages.go
#	ecdsa/signing/prepare.go
#	ecdsa/signing/round_1.go
#	ecdsa/signing/round_2.go
#	ecdsa/signing/round_3.go
#	ecdsa/signing/round_4.go
#	ecdsa/signing/round_5.go
#	ecdsa/signing/round_6.go
#	ecdsa/signing/round_7.go
#	ecdsa/signing/rounds.go
#	eddsa/keygen/eddsa-keygen.pb.go
#	eddsa/keygen/local_party.go
#	eddsa/keygen/local_party_test.go
#	eddsa/keygen/messages.go
#	eddsa/keygen/round_1.go
#	eddsa/keygen/round_2.go
#	eddsa/keygen/round_3.go
#	eddsa/keygen/save_data.go
#	eddsa/keygen/test_utils.go
#	eddsa/resharing/eddsa-resharing.pb.go
#	eddsa/resharing/local_party.go
#	eddsa/resharing/local_party_test.go
#	eddsa/resharing/messages.go
#	eddsa/resharing/round_1_old_step_1.go
#	eddsa/resharing/round_4_new_step_2.go
#	eddsa/signing/eddsa-signing.pb.go
#	eddsa/signing/finalize.go
#	eddsa/signing/local_party.go
#	eddsa/signing/local_party_test.go
#	eddsa/signing/messages.go
#	eddsa/signing/prepare.go
#	eddsa/signing/round_1.go
#	eddsa/signing/round_2.go
#	eddsa/signing/round_3.go
#	eddsa/signing/rounds.go
#	eddsa/signing/utils.go
#	go.mod
#	go.sum
#	protob/ecdsa-keygen.proto
#	protob/ecdsa-resharing.proto
#	protob/ecdsa-signing.proto
#	protob/eddsa-keygen.proto
#	protob/eddsa-resharing.proto
#	protob/eddsa-signing.proto
#	protob/message.proto
#	protob/signature.proto
#	test/_ecdsa_fixtures/keygen_data_0.json
#	test/_ecdsa_fixtures/keygen_data_1.json
#	test/_ecdsa_fixtures/keygen_data_2.json
#	test/_ecdsa_fixtures/keygen_data_3.json
#	test/_ecdsa_fixtures/keygen_data_4.json
#	test/_eddsa_fixtures/keygen_data_0.json
#	test/_eddsa_fixtures/keygen_data_1.json
#	test/_eddsa_fixtures/keygen_data_2.json
#	test/_eddsa_fixtures/keygen_data_3.json
#	test/_eddsa_fixtures/keygen_data_4.json
#	test/config.go
#	tss/message.pb.go
#	tss/params.go
#	tss/party.go
#	tss/wire.go
2021-12-17 16:03:49 -05:00
Gustavo Frederico
b401af0289 Do not normalize IDs of Shamir's Secret Sharing 2021-12-14 07:54:27 +00:00
Gustavo Frederico
3a9d45177e Fixing issue in the Feldman VSS code. Checking indexes modulo the curve order, so as not to leak evaluation at point 0. 2021-12-13 15:38:09 +00:00
creamwhip
b6e761a803 go fmt 2021-12-07 22:36:11 +08:00
Gustavo Frederico
17772d0e9c Changing the validation of the mod zkp. Changing back validation of NonEmptyBytes. Adding back the TestBadMessageCulprits unit test. 2021-12-01 11:22:53 -05:00
Gustavo Frederico
8b376e72fc go fmt only for files touched in comparison with forked branch (cggmp21-tss-lib). No functional change in this commit. 2021-11-30 21:37:24 -05:00
Gustavo Frederico
f81d9700a2 Adding identification of abort for ECDSA signing. 2021-11-22 19:08:19 -05:00
Gustavo Frederico
36573fc6ee Initial updates of the October version of the CGGMP21 paper. Work in progress. 2021-11-15 21:38:27 -05:00
Gustavo Frederico
2042383b62 Adding the No Small Factor Proof, mentioned in the CGGMP21-October paper. 2021-11-15 16:52:59 -05:00
Gustavo Frederico
701d83177a Paillier check. Mta and Dec unit tests. 2021-11-08 23:56:44 -05:00
Gustavo Frederico
258557a65e Adding a unit test function in zkpdec including composition of Paillier addition and multiplication. The same logic will apply to identification_6.go. No functional change. 2021-11-04 19:58:24 -04:00
Gustavo Frederico
b396352ce9 Bug fix for vss, check shareid when constructing vss. 2021-10-27 19:26:33 -04:00
Gustavo Frederico
ac1d2cc9a0 Identification of aborts with unit test. 2021-10-26 23:39:42 -04:00
Gustavo Frederico
4397af0043 keygen: adding a Schnorr proof in round 1. Adding missing ridi and rid. Adding Xi and Ai to the hashes and messages. Adding Schnorr zkp in round 3. Adding proof verifications in round 4. 2021-10-18 18:39:19 -04:00
ycen
ac37ece47f ecdsa-keygen parallelization and code cleanup 2021-09-30 18:00:10 +08:00
ycen
06fd3376c8 Fix ecdsa/keygen E2E test not run 2021-09-27 15:04:43 +08:00
ycen
a01df8351c Fix ecdsa-keygen test 2021-09-23 20:47:45 +08:00
ycen
1ff2f61744 Update ecdsa-keygen protocol 2021-09-23 13:49:11 +08:00
ycen
c6b18b0af9 Add ZK proof prm and sch
with related change in ecdsa/keygen
2021-09-16 14:33:56 +08:00
ycen
aa596c3c2f Add ZKP needed for identification 2021-09-13 18:21:51 +08:00
ycen
07d80fc111 Rename round name to presign/sign 2021-09-09 20:09:39 +08:00
ycen
18a04094ef Parallelized processing of proof generation and verification 2021-09-09 16:06:54 +08:00
Patrick Cen
7f81429cfe Merge commit '3e4ded5feaf5a14f80a87e53bf27646851c8dd57' into internal-mobile-wrapper 2021-09-09 11:41:01 +08:00
Patrick Cen
97d9fe472b CGGMP protocol update.
One-round signing and three-round presign protocol according to the CGGMP
paper.
2021-09-09 00:53:33 +08:00
FitzLu
ebed832779 pass curve in DeriveChildKey 2021-09-08 13:35:37 +08:00
FitzLu
3188c30104 specify curve in NewExtendedKey 2021-09-08 13:00:50 +08:00
ycen
a24b05104e Cherrypick child key derivation (#140)
* Cherrypick child_key_derivation from SwingbyProtocol
https://github.com/SwingbyProtocol/tss-lib/pull/6/files#diff-e663957d1112b8c89bb7a782fe1cebe0d5e4d84a17861ae5af5cc0b59d1dbf56

* Add serialization to child key derivation
add test case from github.com/btcsuite/hdkeychain

* Making ec as parameter in key_derivation_util

* Add version string to extendedkey, to comply with BIP32
2021-08-26 21:06:36 +08:00
Patrick Cen
0f5841e393 Add serialization to child key derivation
add test case from github.com/btcsuite/hdkeychain
2021-08-24 15:21:00 +08:00
Patrick Cen
90aeb69c75 Cherrypick child_key_derivation from SwingbyProtocol
https://github.com/SwingbyProtocol/tss-lib/pull/6/files#diff-e663957d1112b8c89bb7a782fe1cebe0d5e4d84a17861ae5af5cc0b59d1dbf56
2021-08-18 14:16:35 +08:00
Fitz
856d77b7fb Curve as parameter (#137)
* move curve into tss.Parameters

* regen proto with full package name

* pass curve through parameter

* add curve name in ecpoint json serialization
2021-07-06 11:51:20 +08:00
Gustavo Frederico
2fbc4829ab Implementing two recommendations on the report. No change in functionality. 2021-06-29 18:32:20 +08:00
Gustavo Frederico
d67daaf364 make fmt. No functional change. 2021-05-06 20:46:25 -04:00
Gustavo Frederico
f3dab69047 Matching binance-chain tss-lib commit c318b67738db63fc6d2b3455dfc7a4da34421eda.
Removing the witness in signing as the verifier only trusts its own Ntilde,h1,h2.
2021-05-06 20:40:12 -04:00
creamwhip
38b98e44fa fix up some linter warnings 2021-03-19 06:17:47 +08:00
Gustavo Frederico
4b3176da83 Implementing child key derivation, aka HD support, based on BIP-32. We only use non-hardened derived keys. We update xi's and bigXj in signing.
Differently from other implementations, this commit does not require updates to u_i or the VSS commitment to the polynomial either, as these are not used during the signing phase. This commit does not need a leader party either.
2021-01-15 10:31:28 -05:00
cong
9d8889d446 Internal mobile wrapper eddsa (#124)
* [R4R] Add eddsa (#88)

* [R4R] Add eddsa keygen and signing (#3)

* add eddsa signing and keygen

* construct extended element from x,y

* update dep

* fix test

* fix bug

* delete unused code

* add resharing

* fix comments

* refactor RejectionSample

* rename variable (#4)

* delete printf

* update dependency

* resolve conflict

* Update readme about EdDSA (#91)

* update readme about eddsa

* minor fix

* S in eddsa signature is not encoded correctly

* fix: msg in eddsa doesn't have to be an int.

* fix unit test

* register DGRound4Message for eddsa resharing (#99)

Co-authored-by: yutianwu <wzxingbupt@gmail.com>
Co-authored-by: dylenfu <dylenfu@126.com>
2020-12-08 16:50:06 +08:00
Gustavo Frederico
07d657d392 ecdsa keygen: incorporating changes based on Luke's review of the pull request. Adding proofs to ValidateBasic, refactoring multi culprit identification and errors in round 2, mea culpa in round 3, minor code change with no functional change in round 4. 2020-11-30 12:16:07 -05:00
Gustavo Frederico
a8685830e5 Running go fmt. No functional change. 2020-11-25 09:04:39 -05:00
Luke Plaster
8a3c90609b crypto/ecpoint: avoid a data race in ValidateBasic 2020-11-15 16:25:25 +08:00
Luke Plaster
f17684f133 misc: code style 2020-11-15 16:25:25 +08:00
Luke Plaster
6187032114 crypto/ecpoint: remove legacy SubPoint func 2020-11-15 16:25:25 +08:00
Luke Plaster
eafa3ee947 ecdsa/signing: type 7 abort done 2020-11-15 16:25:25 +08:00
Luke Plaster
5f7f74a79a crypto/zkp: add ecddh proof for verifying g^sigma_i in final abort 2020-11-15 16:24:46 +08:00
Luke Plaster
6ab828b4aa ecdsa/signing: type 7 abort almost done 2020-11-15 16:24:46 +08:00
Luke Plaster
431b61fbc2 ecdsa/signing: include signature for C2 ciphertext in r2 msg for type 7 aborts 2020-11-15 16:24:46 +08:00
Luke Plaster
524d07a53a use the latest protobufs 2020-11-15 16:24:46 +08:00
Luke Plaster
7935d1ca99 ecdsa/signing: implement 'type 7' identified abort (blame), use google.golang.org/protobuf v1.24.0 2020-11-15 16:24:46 +08:00
Luke Plaster
9e193d8086 crypto/paillier: add DecryptAndRecoverRandomness for 'type 7' identified abort (blame) 2020-11-15 16:24:46 +08:00
Luke Plaster
b6b577da8d eddsa/signing: add identifiable abort for phase 7 2020-11-15 16:24:46 +08:00
Luke Plaster
b8a5c29282 ecdsa/signing: implement round 5 ZKP of consistency between Rdash_i and E_i(k_i)
ported from the kzen impl: https://git.io/Jf69a
2020-11-15 16:23:52 +08:00