sonr/crypto/dkg/gennaro2p/genarro2p_test.go

//
// Copyright Coinbase, Inc. All Rights Reserved.
//
// SPDX-License-Identifier: Apache-2.0
//

package gennaro2p

import (
	"crypto/elliptic"
	"fmt"
	"reflect"
	"testing"

	"github.com/btcsuite/btcd/btcec/v2"
	"github.com/stretchr/testify/require"

	"github.com/onsonr/sonr/crypto/core/curves"
	v1 "github.com/onsonr/sonr/crypto/sharing/v1"
)

var (
	curveScalar = curves.NewK256Scalar()
	curve       = btcec.S256()
)

const (
	clientId = 1
	serverId = 2
)

// Benchmark full DKG including blind selection and setup
func BenchmarkDkg(b *testing.B) {
	if testing.Short() {
		b.Skip("skipping test in short mode.")
	}

	for i := 0; i < b.N; i++ {
		_, _, err := dkg()
		require.NoError(b, err)
	}
}

// Run a DKG and reports the client/server results
func dkg() (*DkgResult, *DkgResult, error) {
	// Create client/server
	blind, _ := newBlind(curveScalar, curve)

	client, err := NewParticipant(clientId, serverId, blind, curveScalar, curve)
	if err != nil {
		return nil, nil, err
	}

	server, err := NewParticipant(serverId, clientId, blind, curveScalar, curve)
	if err != nil {
		return nil, nil, err
	}

	// R1
	clientR1, err := client.Round1(nil)
	if err != nil {
		return nil, nil, err
	}

	serverR1, err := server.Round1(nil)
	if err != nil {
		return nil, nil, err
	}

	// R2
	clientR2, err := client.Round2(serverR1)
	if err != nil {
		return nil, nil, err
	}

	serverR2, err := server.Round2(clientR1)
	if err != nil {
		return nil, nil, err
	}

	// Finalize
	clientResult, err := client.Finalize(serverR2)
	if err != nil {
		return nil, nil, err
	}

	serverResult, err := server.Finalize(clientR2)
	if err != nil {
		return nil, nil, err
	}

	return clientResult, serverResult, nil
}

// Run a full DKG and verify the absence of errors and valid results
func TestDkg(t *testing.T) {
	// Setup and ensure no errors
	clientResult, serverResult, err := dkg()
	require.NoError(t, err)
	require.NotNil(t, clientResult)
	require.NotNil(t, serverResult)

	// Now run tests
	t.Run("produce the same public key", func(t *testing.T) {
		require.Equal(t, clientResult.PublicKey, serverResult.PublicKey)
	})
	t.Run("produce identical public shares", func(t *testing.T) {
		require.True(t, reflect.DeepEqual(clientResult.PublicShares, serverResult.PublicShares))
	})
	t.Run("produce distinct secret shares", func(t *testing.T) {
		require.NotEqual(t, clientResult.SecretShare, serverResult.SecretShare)
	})
	t.Run("produce distinct secret shares", func(t *testing.T) {
		require.NotEqual(t, clientResult.SecretShare, serverResult.SecretShare)
	})
	t.Run("shares sum to expected public key", func(t *testing.T) {
		pubkey, err := reconstructPubkey(
			clientResult.SecretShare,
			serverResult.SecretShare,
			curve)
		require.NoError(t, err)
		require.Equal(t, serverResult.PublicKey, pubkey)
	})
}

// Reconstruct the pubkey from 2 shares
func reconstructPubkey(s1, s2 *v1.ShamirShare, curve elliptic.Curve) (*curves.EcPoint, error) {
	s, err := v1.NewShamir(2, 2, s1.Value.Field())
	if err != nil {
		return nil, err
	}

	sk, err := s.Combine(s1, s2)
	if err != nil {
		return nil, err
	}

	x, y := curve.ScalarBaseMult(sk)
	return &curves.EcPoint{
		Curve: curve,
		X:     x,
		Y:     y,
	}, nil
}

// Test blind generator helper function produces a value on the expected curve
func TestNewBlindOnCurve(t *testing.T) {
	const n = 1024
	for i := 0; i < n; i++ {
		b, err := newBlind(curveScalar, curve)
		require.NoError(t, err)
		require.NotNil(t, b)

		// Valid point?
		require.True(t, b.IsOnCurve() && b.IsValid())
		require.True(t, b.IsValid())
		require.False(t, b.IsIdentity())
		require.False(t, b.IsBasePoint())
	}
}

func TestNewBlindProvidesDistinctPoints(t *testing.T) {
	const n = 1024
	seen := make(map[string]bool, n)
	// seen := make(map[core.EcPoint]bool, n)

	for i := 0; i < n; i++ {
		b, err := newBlind(curveScalar, curve)
		require.NoError(t, err)

		// serialize so the point is hashable
		txt := fmt.Sprintf("%#v", b)

		// We shouldn't see the same point twice
		ok := seen[txt]
		require.False(t, ok)

		// store
		seen[txt] = true
	}
}
feature/1114 implement account interface (#1167) - refactor: move session-related code to middleware package - refactor: update PKL build process and adjust related configurations - feat: integrate base.cosmos.v1 Genesis module - refactor: pass session context to modal rendering functions - refactor: move nebula package to app directory and update templ version - refactor: Move home section video view to dedicated directory - refactor: remove unused views file - refactor: move styles and UI components to global scope - refactor: Rename images.go to cdn.go - feat: Add Empty State Illustrations - refactor: Consolidate Vault Index Logic - fix: References to App.wasm and remove Vault Directory embedded CDN files - refactor: Move CDN types to Models - fix: Correct line numbers in templ error messages for arch_templ.go - refactor: use common types for peer roles - refactor: move common types and ORM to a shared package - fix: Config import dwn - refactor: move nebula directory to app - feat: Rebuild nebula - fix: correct file paths in panels templates - feat: Remove duplicate types - refactor: Move dwn to pkg/core - refactor: Binary Structure - feat: Introduce Crypto Pkg - fix: Broken Process Start - *feat: Update pkg/ structure - feat: Refactor PKL Structure - build: update pkl build process - chore: Remove Empty Files - refactor: remove unused macaroon package - feat: Add WebAwesome Components - refactor: consolidate build and generation tasks into a single taskfile, remove redundant makefile targets - refactor: refactor server and move components to pkg/core/dwn - build: update go modules - refactor: move gateway logic into dedicated hway command - feat: Add KSS (Krawczyk-Song-Song) MPC cryptography module - feat: Implement MPC-based JWT signing and UCAN token generation - feat: add support for MPC-based JWT signing - feat: Implement MPC-based UCAN capabilities for smart accounts - feat: add address field to keyshareSource - feat: Add comprehensive MPC test suite for keyshares, UCAN tokens, and token attenuations - refactor: improve MPC keyshare management and signing process - feat: enhance MPC capability hierarchy documentation - refactor: rename GenerateKeyshares function to NewKeyshareSource for clarity - refactor: remove unused Ethereum address computation - feat: Add HasHandle and IsAuthenticated methods to HTTPContext - refactor: Add context.Context support to session HTTPContext - refactor: Resolve context interface conflicts in HTTPContext - feat: Add session ID context key and helper functions - feat: Update WebApp Page Rendering - refactor: Simplify context management by using single HTTPContext key - refactor: Simplify HTTPContext creation and context management in session middleware - refactor: refactor session middleware to use a single data structure - refactor: Simplify HTTPContext implementation and session data handling - refactor: Improve session context handling and prevent nil pointer errors - refactor: Improve session context handling with nil safety and type support - refactor: improve session data injection - feat: add full-screen modal component and update registration flow - chore: add .air.toml to .gitignore - feat: add Air to devbox and update dependencies** 2024-11-23 01:28:58 -05:00			`//`
			`// Copyright Coinbase, Inc. All Rights Reserved.`
			`//`
			`// SPDX-License-Identifier: Apache-2.0`
			`//`

			`package gennaro2p`

			`import (`
			`"crypto/elliptic"`
			`"fmt"`
			`"reflect"`
			`"testing"`

			`"github.com/btcsuite/btcd/btcec/v2"`
			`"github.com/stretchr/testify/require"`

feature/1220 origin handle exists method (#1241) * feat: add docs and CI workflow for publishing to onsonr.dev * (refactor): Move hway,motr executables to their own repos * feat: simplify devnet and testnet configurations * refactor: update import path for didcrypto package * docs(networks): Add README with project overview, architecture, and community links * refactor: Move network configurations to deploy directory * build: update golang version to 1.23 * refactor: move logger interface to appropriate package * refactor: Move devnet configuration to networks/devnet * chore: improve release process with date variable * (chore): Move Crypto Library * refactor: improve code structure and readability in DID module * feat: integrate Trunk CI checks * ci: optimize CI workflow by removing redundant build jobs --------- Co-authored-by: Darp Alakun <i@prad.nu> 2025-01-06 12:06:10 -05:00			`"github.com/onsonr/sonr/crypto/core/curves"`
			`v1 "github.com/onsonr/sonr/crypto/sharing/v1"`
feature/1114 implement account interface (#1167) - refactor: move session-related code to middleware package - refactor: update PKL build process and adjust related configurations - feat: integrate base.cosmos.v1 Genesis module - refactor: pass session context to modal rendering functions - refactor: move nebula package to app directory and update templ version - refactor: Move home section video view to dedicated directory - refactor: remove unused views file - refactor: move styles and UI components to global scope - refactor: Rename images.go to cdn.go - feat: Add Empty State Illustrations - refactor: Consolidate Vault Index Logic - fix: References to App.wasm and remove Vault Directory embedded CDN files - refactor: Move CDN types to Models - fix: Correct line numbers in templ error messages for arch_templ.go - refactor: use common types for peer roles - refactor: move common types and ORM to a shared package - fix: Config import dwn - refactor: move nebula directory to app - feat: Rebuild nebula - fix: correct file paths in panels templates - feat: Remove duplicate types - refactor: Move dwn to pkg/core - refactor: Binary Structure - feat: Introduce Crypto Pkg - fix: Broken Process Start - *feat: Update pkg/ structure - feat: Refactor PKL Structure - build: update pkl build process - chore: Remove Empty Files - refactor: remove unused macaroon package - feat: Add WebAwesome Components - refactor: consolidate build and generation tasks into a single taskfile, remove redundant makefile targets - refactor: refactor server and move components to pkg/core/dwn - build: update go modules - refactor: move gateway logic into dedicated hway command - feat: Add KSS (Krawczyk-Song-Song) MPC cryptography module - feat: Implement MPC-based JWT signing and UCAN token generation - feat: add support for MPC-based JWT signing - feat: Implement MPC-based UCAN capabilities for smart accounts - feat: add address field to keyshareSource - feat: Add comprehensive MPC test suite for keyshares, UCAN tokens, and token attenuations - refactor: improve MPC keyshare management and signing process - feat: enhance MPC capability hierarchy documentation - refactor: rename GenerateKeyshares function to NewKeyshareSource for clarity - refactor: remove unused Ethereum address computation - feat: Add HasHandle and IsAuthenticated methods to HTTPContext - refactor: Add context.Context support to session HTTPContext - refactor: Resolve context interface conflicts in HTTPContext - feat: Add session ID context key and helper functions - feat: Update WebApp Page Rendering - refactor: Simplify context management by using single HTTPContext key - refactor: Simplify HTTPContext creation and context management in session middleware - refactor: refactor session middleware to use a single data structure - refactor: Simplify HTTPContext implementation and session data handling - refactor: Improve session context handling and prevent nil pointer errors - refactor: Improve session context handling with nil safety and type support - refactor: improve session data injection - feat: add full-screen modal component and update registration flow - chore: add .air.toml to .gitignore - feat: add Air to devbox and update dependencies** 2024-11-23 01:28:58 -05:00			`)`

			`var (`
			`curveScalar = curves.NewK256Scalar()`
			`curve = btcec.S256()`
			`)`

			`const (`
			`clientId = 1`
			`serverId = 2`
			`)`

			`// Benchmark full DKG including blind selection and setup`
			`func BenchmarkDkg(b *testing.B) {`
			`if testing.Short() {`
			`b.Skip("skipping test in short mode.")`
			`}`

			`for i := 0; i < b.N; i++ {`
			`_, _, err := dkg()`
			`require.NoError(b, err)`
			`}`
			`}`

			`// Run a DKG and reports the client/server results`
			`func dkg() (DkgResult, DkgResult, error) {`
			`// Create client/server`
			`blind, _ := newBlind(curveScalar, curve)`

			`client, err := NewParticipant(clientId, serverId, blind, curveScalar, curve)`
			`if err != nil {`
			`return nil, nil, err`
			`}`

			`server, err := NewParticipant(serverId, clientId, blind, curveScalar, curve)`
			`if err != nil {`
			`return nil, nil, err`
			`}`

			`// R1`
			`clientR1, err := client.Round1(nil)`
			`if err != nil {`
			`return nil, nil, err`
			`}`

			`serverR1, err := server.Round1(nil)`
			`if err != nil {`
			`return nil, nil, err`
			`}`

			`// R2`
			`clientR2, err := client.Round2(serverR1)`
			`if err != nil {`
			`return nil, nil, err`
			`}`

			`serverR2, err := server.Round2(clientR1)`
			`if err != nil {`
			`return nil, nil, err`
			`}`

			`// Finalize`
			`clientResult, err := client.Finalize(serverR2)`
			`if err != nil {`
			`return nil, nil, err`
			`}`

			`serverResult, err := server.Finalize(clientR2)`
			`if err != nil {`
			`return nil, nil, err`
			`}`

			`return clientResult, serverResult, nil`
			`}`

			`// Run a full DKG and verify the absence of errors and valid results`
			`func TestDkg(t *testing.T) {`
			`// Setup and ensure no errors`
			`clientResult, serverResult, err := dkg()`
			`require.NoError(t, err)`
			`require.NotNil(t, clientResult)`
			`require.NotNil(t, serverResult)`

			`// Now run tests`
			`t.Run("produce the same public key", func(t *testing.T) {`
			`require.Equal(t, clientResult.PublicKey, serverResult.PublicKey)`
			`})`
			`t.Run("produce identical public shares", func(t *testing.T) {`
			`require.True(t, reflect.DeepEqual(clientResult.PublicShares, serverResult.PublicShares))`
			`})`
			`t.Run("produce distinct secret shares", func(t *testing.T) {`
			`require.NotEqual(t, clientResult.SecretShare, serverResult.SecretShare)`
			`})`
			`t.Run("produce distinct secret shares", func(t *testing.T) {`
			`require.NotEqual(t, clientResult.SecretShare, serverResult.SecretShare)`
			`})`
			`t.Run("shares sum to expected public key", func(t *testing.T) {`
			`pubkey, err := reconstructPubkey(`
			`clientResult.SecretShare,`
			`serverResult.SecretShare,`
			`curve)`
			`require.NoError(t, err)`
			`require.Equal(t, serverResult.PublicKey, pubkey)`
			`})`
			`}`

			`// Reconstruct the pubkey from 2 shares`
			`func reconstructPubkey(s1, s2 v1.ShamirShare, curve elliptic.Curve) (curves.EcPoint, error) {`
			`s, err := v1.NewShamir(2, 2, s1.Value.Field())`
			`if err != nil {`
			`return nil, err`
			`}`

			`sk, err := s.Combine(s1, s2)`
			`if err != nil {`
			`return nil, err`
			`}`

			`x, y := curve.ScalarBaseMult(sk)`
			`return &curves.EcPoint{`
			`Curve: curve,`
			`X: x,`
			`Y: y,`
			`}, nil`
			`}`

			`// Test blind generator helper function produces a value on the expected curve`
			`func TestNewBlindOnCurve(t *testing.T) {`
			`const n = 1024`
			`for i := 0; i < n; i++ {`
			`b, err := newBlind(curveScalar, curve)`
			`require.NoError(t, err)`
			`require.NotNil(t, b)`

			`// Valid point?`
			`require.True(t, b.IsOnCurve() && b.IsValid())`
			`require.True(t, b.IsValid())`
			`require.False(t, b.IsIdentity())`
			`require.False(t, b.IsBasePoint())`
			`}`
			`}`

			`func TestNewBlindProvidesDistinctPoints(t *testing.T) {`
			`const n = 1024`
			`seen := make(map[string]bool, n)`
			`// seen := make(map[core.EcPoint]bool, n)`

			`for i := 0; i < n; i++ {`
			`b, err := newBlind(curveScalar, curve)`
			`require.NoError(t, err)`

			`// serialize so the point is hashable`
			`txt := fmt.Sprintf("%#v", b)`

			`// We shouldn't see the same point twice`
			`ok := seen[txt]`
			`require.False(t, ok)`

			`// store`
			`seen[txt] = true`
			`}`
			`}`